| VID |
24083 |
| Severity |
40 |
| Port |
Random |
| Protocol |
TCP |
| Class |
BackDoor |
| Detailed Description |
The host seems to have been infected with the MoonLit virus.
Backdoor.Moonlit is a Trojan horse program that can download and execute files, and may act as a proxy server. This backdoor opens random TCP ports and waits for incoming commands from a remote user.
* References:
http://secunia.com/virus_information/10942/moonlit/
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.moonlit.html
http://uk.trendmicro-europe.com/enterprise/security_info/ve_detail.php?VName=BKDR_MOONLIT.A
* Platforms Affected:
Microsoft Windows Any version |
| Recommendation |
Remove this Worm immediately. Most antivirus software companies have updates their software to keep the MoonLit virus at bay, so you should download any available updates through its Live Update feature and remove the MoonLit virus using antivirus software.
-- AND --
You ensure that all patches for the Microsoft Windows are applied in order to minimize the threat of a system compromise. And enforce a password policy for all user accounts. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
