W32/Vanebot-AU is a worm with IRC backdoor functionality for the Windows platform.

W32/Vanebot-AU runs continuously in the background, providing a backdoor server that allows a remote intruder to gain access and control over the computer via IRC channels.

W32/Vanebot-AU attempts to spread via the RealVNC vulnerability (CVE-2006-2369), MSSQL shares, network shares, MSN Messenger and Yahoo Instant Messenger. It contains functionality to steal information and participate in denial-of-service attacks.


More information can be found at this Sophos page.