[Dshield] Simultaneous MSBlaster and ??? attack?
micheal at cancercare.net
Wed Aug 13 15:15:16 GMT 2003
Does anyone have any information on any trojans that are utilizing the same
DCOM exploit yet? I've got systems that were patched via the Win2k patch
file, not via windows update, that have an apparent trojan on them. The main
systems that are noticeable is the inability to pull up properties, see
within the winnt folder and the control panel icons are all listed in a
frame on the left, Add / Remove programs is empty with the fonts mangled.
I'd seen mention of kaht2 root kit using the DCOM exploit, but it appears to
have been overshadowed by msblaster.
TSG Network Administration
Confidentiality Notice: This e-mail message, including any attachments, is
for the sole use of the intended recipient(s) and may contain confidential
and privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
More information about the list