Mar2
10:14 am (UTC-7)   |   by Miray Lozada (Technical Communications)

Recent variants of RINBOT exploited a vulnerability in Symantec antivirus software. RINBOT emerged in 2006 spawning new variants of RINBOT in mid-February that exploited certain software (including Windows) vulnerabilities. Trend Micro detects the newest Rinbot variants as WORM_RINBOT.F and WORM_RINBOT.E. Both variants exploit an old SQL Server flaw, propagates via network shares, and has backdoor capabilities.

As newer variants emerge, information will be posted in the Trend Micro Virus Encyclopedia. Solutions for cleaning are available in the above links. RINBOT can be blocked by using firewall applications, specifically blocking and restricting outgoing port traffic.

RINBOT does not currently exploit any known vulnerability in any Trend Micro products.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Friday, March 2nd, 2007 at 10:14 am and is filed under Uncategorized . Responses are closed, but you can trackback from your own site.



No Responses to “RINBOT Malware on the Loose”

  1. Chris Mosby at myITforum.com : RINBOT Malware on the Loose - TrendLabs | Anti-Malware Blog - by Trend Micro Says:
    March 2nd, 2007 at 5:41 am

    [...] RINBOT Malware on the Loose [...]

  2. Nirbot - Even Botters Need Attention · Security to the Core | Arbor Networks Security Blog Says:
    March 7th, 2007 at 1:04 pm

    [...] RINBOT Malware on the Loose, from the good folks at Trend Miro [...]


MOPB Starts with 3 Bugs
eclipse with Solaris


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 

 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice