Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS ALERTS - December 21, 2005

Dec 20, 2005 9:47PM PST

Discussion is locked

- Collapse -
W32/Tilebot-CQ
Dec 21, 2005 8:34AM PST

Type Spyware Worm

Aliases Backdoor.Win32.SdBot.ajk

W32/Tilebot-CQ is a worm and IRC backdoor for the Windows platform.
W32/Tilebot-CQ spreads to other network computers by exploiting common buffer overflow vulnerabilities, including WKS (MS03-049) (CAN-2003-0812), PNP (MS05-039) and ASN.1 (MS04-007) and copying itself to network shares protected by weak passwords.
W32/Tilebot-CQ includes functionality to access the internet and communicate with a remote server via HTTP.
The following patches for the operating system vulnerabilities exploited by W32/Tilebot-CQ are available from Microsoft:
MS03-049
MS04-007
MS05-039

http://www.sophos.com/virusinfo/analyses/w32tilebotcq.html

- Collapse -
W32/Yahos-A
Dec 21, 2005 8:35AM PST