Virus Encyclopedia
Welcome to the Virus Encyclopedia of Panda Security.
Sdbot.AWT | |
Threat Level Damage Distribution |
 |
| Common name: | Sdbot.AWT |
| Technical name: | W32/Sdbot.AWT.worm |
| Threat level: | Medium |
| Type: | Worm |
| Effects: | It joins an IRC channel in order to receive control commands, such as launching denial of service attacks against websites. |
| Affected platforms:
|
Windows 2003/XP/2000/NT/ME/98/95 |
| First detected on: | Oct. 5, 2004 |
| Detection updated on: | May 22, 2005 |
| Statistics | No |
Proactive protection: | Yes, using TruPrevent Technologies
|
Brief Description | |
Sdbot.AWT is a worm with backdoor characteristics, which allows hackers to gain remote access to the affected computer in order to carry out actions that compromise user confidentiality and impede the tasks performed. Sdbot.AWT uses its own IRC client in order to join an IRC channel and accept remote control commands, such as launching denial of service (DoS) attacks against websites. It can also download and run files on the affected computer. Sdbot.AWT spreads across computer networks. In order to do so, it checks if the affected computer belongs to a network. If so, it attempts to access the network shared resources, using passwords that are typical or easy to guess. Then, it makes a copy of itself to those shared resources. |
Visible Symptoms | |
Sdbot.AWT is difficult to recognize, as it does not display any messages or warnings that indicate it has reached a computer. |