Welcome to the Virus Encyclopedia of Panda Security.
It connects to several IRC severs in order to receive remote control commands such as scanning IP addresses in search for computers to affect, launch DoS attacks or download and run files.
|First detected on:||Oct. 23, 2005|
|Detection updated on:||Oct. 23, 2005|
|Yes, using TruPrevent Technologies
IRCBot.NT is a backdoor that connects to several IRC servers in order to receive remote control commands. It can be instructed to search for computers to affect, launch DoS (Denial of Service) attacks, download files, etc.
IRCBot.NT does not spread by its own means, but it can receive control commands to exploit the Plug and Play vulnerability and affect other vulnerable computers.
It is highly recommendable to download the security patch for the vulnerability Plug and Play from the Microsoft website.
Note: on October 11, 2005 this patch for the Plug and Play vulnerability was revised and replaced by an updated patch, whose bulletin number was MS05-047.
IRCBot.NT is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.