Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

IRC-Worm.IRC.Edoc

Home Threats IRC-Worm IRC-Worm.IRC.Edoc
Class IRC-Worm
Platform IRC
Description

Technical Details

This is a simple network worm that replicates in IRC channels.

The worm sends the following message to all channel users, except
channel operators, that connect to the channel where an infected user is
connected:

 hey  to get OPs use this hack in the chan but SHH!

 //$decode(d3JpdG............................................................
 ............................................................................
 ............................................................................
 ............................................................................
 ...................SkgLG0p,m) | $decode( Lmxv........IMQ= ,m)

(dots are placed instead of the virus)

This message contains a line starting from “//”, which is a script
command and contains the worm’s body, encoded with MIME base64 encoding.

If a user receiving the infected message starts the script, the worm
creates a file that is then distributed through IRC channels, and adds
a link to the infected file in the “mirc.ini” file.
Find out the statistics of the threats spreading in your region
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy Cookies

Up