Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: parishilton.scr SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
There's a new variant of SDBOT making the rounds, arriving via IM as a link to a file called parishilton.scr . Those few AV that already detect it, seem to call it Sdbot.XD.  Maybe a good moment to check your proxy logs to see who of your IM users clicked on it...

383 Posts
ISC Handler
Oct 21st 2005

Sign Up for Free or Log In to start participating in the conversation!