7/6: Tilebot-JY Worm Exploits Flaws
W32/Tilebot-JY is a network worm with backdoor functionality for the Windows platform.
W32/Tilebot-JY spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: SRVSVC (MS06-040), WKS (MS03-049) (CAN-2003-0812), PNP (MS05-039) and ASN.1 (MS04-007). The worm may also spreads via network shares protected by weak passwords.
W32/Tilebot-JY runs continuously in the background, providing a backdoor server that allows a remote intruder to gain access and control over the computer via IRC channels.
W32/Tilebot-JY includes functionality to:
More information can be found at this Sophos page.