Welcome to the Virus Encyclopedia of Panda Security.
Sdbot.gen a generic detection for future variants of the Sdbot family
|First detected on:||June 23, 2004|
|Detection updated on:||June 23, 2004|
|Yes, using TruPrevent Technologies
Sdbot.gen is not an specific worm, but a generic detection for future variants of the Sdbot family. This group of worms has the following common characteristics:
They act as backdoors, thus allowing hackers to gain remote access over the affected computer in order to carry out actions that compromise user confidentiality and impede the tasks performed.
They use their own IRC client in order to join an IRC channel and accept remote control commands, such as launching denial of service (DoS) attacks against websites.
They can also download and run files on the affected computer.
They spread across computer networks. In order to do so, it checks if the affected computer belongs to a network. If so, they attempt to access the network shared resources, using passwords that are typical or easy to guess. Then, they make a copy of themselves to those shared resources.
Sdbot.gen is difficult to recognize, as it does not show any messages or warnings that indicate it has reached a computer.