|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Mihai (Cop) Moldovanu (mihaim
tfm.ro)Date: Fri Jun 28 2002 - 14:46:06 CDT
Domas Mituzas said:
> Hi,
>
> our honeypot systems trapped new apache worm(+trojan) in the wild. It
> traverses through the net, and installs itself on all vulnerable
> apaches it finds. No source code available yet, but I put the binaries
> into public place, and more investigation is to be done.
>
> http://dammit.lt/apache-worm/
>
> Regards,
> Domas Mituzas
>
> Central systems MicroLink Data
I dissasembled it. Was a good thing that executable was not stripped.
Result is here :
http://projects.tfm.ro/security/apache_worm/
I will look deeper into it tonight.
Best Regards ,
-- TFM Group . Linux Division . Mihai Moldovanu http://www.tfm.ro/ http://portal.tfm.ro/To Unsubscribe: send mail to majordomo
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]