Back to SonicALERT
Gbot Trojan (Dec 09, 2010)
Description
SonicWALL UTM Research team received reports of a new Trojan that can be used to relay sensitive information to remote hosts and accept remote commands from an attacker. The Trojan will make periodic GET and POST requests to remote servers for pages and files that do not exist. Some parts of the requests contain system information or is encrypted.
The Trojan performs the following activities upon execution:
SonicWALL Gateway AntiVirus provides protection against this threat via following signature:
GAV: Cycbot.AA_6 (Trojan)
Back to top
Back to SonicALERT