Welcome to the Virus Encyclopedia of Panda Security.
It opens TCP port 8190 and acts as a backdoor. It launches Denial of Service attacks against the web page www.symantec.com and prevents access to several websites. It spreads via email and across the Internet, exploiting the LSASS vulnerability.
|First detected on:||July 27, 2005|
|Detection updated on:||Aug. 4, 2005|
Lebreat.F is a worm that opens the TCP port 8190 and allows hackers to remotely access the computer, thus functioning as a backdoor.
It launches DoS (Denial of Service) attacks against the web page www.symantec.com, and also prevents users from accessing several websites, mostly belonging to antivirus companies.
Additionally, it disables the Windows Registry editor and the Task Manager.
Lebreat.F spreads via email with a message of variable characteristics, and across the Internet. In this case, it will attack random IP addresses in order to exploit the LSASS vulnerability.
If you have a Windows XP/2000 computer, it is highly recommendable to download the security patch for the LSASS vulnerability from the Microsoft website.
Lebreat.F is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.