Deloder worm clearing the way for a DDoS attack

Author
Aron Schatz
Posted
March 10, 2003
Views
1213
Tags Bugs

Page All:

Page 1
Damn DDoS attacks, the same that brang down this site a few weeks ago. Win2k/XP/2003 are affected. Figures, the newest OSes are affected.

Quote

It exploits a loophole in TCP port 445, otherwise known as the Microsoft-DS port, to log on to remote machines as an administrator using a fixed list of passwords.

This worm runs on Windows 2000, XP, and the Server 2003 family. It usually arrives as the file Dvldr32.exe. When executed on the said platforms, it extracts the valid network utility, PSEXEC.EXE by SysInternals, into the directory where it is executed.

Title

Medium Image View Large