Korgo is written by Russian hackers
Date: June 10, 2004Source: Computer Crime Research Center
By:
A new worm uses the same vulnerabilities as the Sasser worm that caused havoc last month. Although this Korgo virus is not wide spread yet, it forced security companies like Symantec, F-Secure to issue warnings as Korgo is obtaining personal financial information. Hence it has become dangerous to do shopping on the Net because Korgo records all keyboard keystrokes on your computer and saves them in a log file in the background. The virus just opens up a backdoor through which a hacker could enter and install a key-logger program undetected; however, Korgo itself does not contain such an application.
Korgo (aka Padobot) is a network worm allegedly written by the Russian Hangup Team virus group. It spreads throughout the Internet using a vulnerability in Microsoft Windows LSASS buffer overrun vulnerability. Korgo spreads via the Web, which means that it does not need to be launched by a user, as e-mail viruses do. There are a number of variants, and the virus is currently up to Korgo.E.
But because Korgo exploits the same vulnerability that Sasser did, it only affects those computer users and businesses that did not install a security patch during the Sasser threat.
For this reason, only a small number of users should be affected.
Read more about Russian viruses
Add comment Email to a Friend
Discussion is closed - view comments archieve |
2005-09-02 23:02:02 - Veri nice site! Benny |
2004-06-21 13:07:28 - ¿Does it have something to do with ICQ... bridget |
Total 2 comments |