We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Protect your PC

New Deloader worm targets weak passwords

A new worm on the internet targets computers running Microsoft Windows and using easy-to-guess passwords for the Administrator account, according to alerts posted by a number of antivirus companies.

The new worm, W32/Deloader-A (Deloader), appeared on Sunday and is considered a low risk for infection, according to an alert posted by antivirus firm F-Secure.

The worm attempts to connect to other computers on a network through TCP (transmission control protocol) port 445, randomly generating IP (internet protocol) addresses to locate vulnerable machines. Port 445 is used to access shared files on Windows machines with the SMB (server message block) protocol.

When a vulnerable Windows machine is located, the worm attempts to log on to the machine's Administrator account by trying 50 likely passwords such as "admin," "password," "12345" and "administrator," F-Secure said.

If the worm succeeds in breaking the Administrator account password, it places copies of a backdoor (trojan) program known as "inst.exe" in several locations on the infected machine.

The worm also modifies the machine's registry to run another copy of itself, "DVLDR32.EXE," according to advisories from F-Secure, Sophos and Symantec.

Machines running Windows 95, 98, NT, 2000, Me and XP are vulnerable to attack by Deloader.


IDG UK Sites

6 best gaming PCs 2015: What's the best gaming PC you can buy in the UK?

IDG UK Sites

Three of the most expensive Limited Edition games ever made: Who's buying a $1,000,000 game?

IDG UK Sites

The future of Microsoft Surface: What to expect from the Surface Pro 4

IDG UK Sites

Best Mac: Apple Mac buyers guide for 2015: iMac, MacBook, MacBook Air, MacBook Pro, Mac mini and...