Discovered: November 25, 2003
Updated: February 13, 2007 12:14:17 PM
Also Known As: BackDoor-CAG [McAfee], Troj/Sysbug-A [Sophos], TROJ_SYSBUG.A [Trend]
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Backdoor.Sysbug is a Backdoor Trojan Horse that opens TCP port 5555 and waits for commands from the Trojan's author. It also steals information about an infected computer's configuration.
The Trojan is distributed in an email with the following characteristics:
From: james2003@hotmail.com
Subject: Re[2]: Mary
Attachment: Private.zip
Protection
-
Initial Rapid Release version November 25, 2003
-
Latest Rapid Release version August 20, 2008 revision 017
-
Initial Daily Certified version November 25, 2003
-
Latest Daily Certified version August 20, 2008 revision 016
-
Initial Weekly Certified release date November 26, 2003
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 3 - 9
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Moderate
Damage
Distribution
Writeup By: Kaoru Hayashi
