W32/Sdbot-AE is a worm that spreads on unpatched Windows systems by exploiting the RPC/DCOM vulnerability. The worm also has a backdoor component that allows a remote attacker access to a compromised system via the IRC network.
In order to run automatically when Windows starts up W32/Sdbot-AE creates the following registry entries pointing to the worm binary:
The spreading routine of the worm is activated remotely via the IRC control channel.
Turn up the volume with our Apple Byte sweeps!
Two lucky winners will take home the coveted smart speaker that lets Siri help you around your connected house. This sweepstake ends Feb. 25, 2018.