There appears to be a new Beagle on the loose. According to the information on Symantecs Security Response Page it opens a backdoor on port 81. It creates a file with a variant of the name wingo in the executable name, adds a wingo.exe in the Registry Key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
and attempts to disable anti-virus and security software and block the websites.
Lenny will continue to update in the next diary.
Handler on Duty
Oct 29th 2004
1 decade ago