I recently came across an interesting IRCBot which KAV detects as Backdoor.Win32.IRCBot.lo.

When I took a closer look at it, I found out that it’s quite an advanced bot with a lot of features.

The thing which interested me most was the ability of the bot to spread via IM. There’s support for just about every IM-client.

It also started me thinking about the way malware which spreads via IM has evolved over the last year, specifically the shift from IM-Worm+IRCBot to ‘IM-Bot’ – an IRCBot which also includes IM-Worm functionality.

We’ll have an article about this on viruslist in the near future.


Your email address will not be published. Required fields are marked *


Subscribe to our weekly e-mails

The hottest research right in your inbox