We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Symantec warns of new worm variant

Antivirus users should update now to repel Rinbot

Security experts are urging users of Symantec's antivirus software to update it to combat a new variant of the worm known as either Rinbot or Delbot.

The worm exploits a vulnerability in Symantec software and seeks to set up botnets from which DOS (denial-of-service) attacks can be launched. It propagates by creating emails with the worm program attached or by attaching the program to outgoing email, said Ron O'Brien, a senior security analyst at Sophos.

Symantec has the worm listed as one of two latest threats today, and has issued a Daily LiveUpdate that protects against what the company calls W32.Rinbot.L. Sophos calls the worm W32/Delbot-L.

The worm takes advantage of weak passwords to install on machines including Microsoft SQL servers using Windows network APIs, such as the Messaging API, says O'Brien. The worm creates registry changes in systems it infects that must be removed. Symantec classifies removal as easy.

The worm was detected at work against servers in CNN's network Wednesday, according to O'Brien.


IDG UK Sites

OnePlus One release date, price, specs UK: No invite needed any longer

IDG UK Sites

15 analogue facts that today's kids won't understand: winding tapes, Ceefax and more

IDG UK Sites

da Vinci Junior 3D printer review

IDG UK Sites

WWDC 2015: What Apple will launch at WWDC 2015: Apple TV, Macs, more & how to get WWDC tickets