Follow Tweet This Facebook LinkedIn

Main menu

Skip to secondary content
Menu
  • Tech News
    • Last 48 Hours
    • Analytics
    • Artificial Intelligence
    • Careers
    • Cloud
    • Digital Transformation
    • Ecommerce
    • Education
    • Emerging Tech
    • Infrastructure
    • IT Workplace
    • Leadership
    • Managed Services & Outsourcing
    • Marketing
    • Mobility
    • Opinion
    • Privacy & Security
    • Public Sector
    • Software
    • Wireless & IoT
    • Women in Technology
    • Work from home
  • Resources
    • Reports and Whitepapers
    • News for CIOs
    • CIO Census
    • Digital Security Zone
    • Webinar Highlight Reports
    • Roundtable Highlight Reports
    • 2020 IT Salary Calculator
    • AI Directory
    • ITWC Talks
    • Featured Partner Content Hubs
    • Digital Magazines
    • Blogs
  • Events
    • CANADA’S TOP WOMEN IN CYBERSECURITY
    • CIO OF THE YEAR
    • MapleSEC
    • UPCOMING EVENTS
    • FLAGSHIP EVENTS
    • VIrtual Events
    • Webinars
    • Roundtables
    • All IT World Canada Events
  • Videos
    • President to President
    • All Tech Videos
  • Podcasts
    • Cyber Security Today
    • #Hashtag Trending
    • CMO Talks
    • ITWC Podcast Network
  • Engage
    • Blogger Opportunities
    • 2020 Vision
    • Gartner Corner
    • About Us
    • Privacy Policy
    • Contact Us
  • Subscribe
#TRENDING
  • Analytics
  • Women in Tech
  • MapleSEC
  • Work from home
  • Morning Briefing
  • Cloud
  • Technicity WEST

OUCH! Free Content gets hurt by enabled Ad Blockers

Please consider unblocking us or Subscribe in support of our great non-gated content.
New Deloder worm targets weak passwords
Emerging Tech

New Deloder worm targets weak passwords

Paul Roberts
Paul Roberts
@itworldca
Published: March 11th, 2003

A new worm on the Internet targets computers running the Microsoft Corp. Windows operating system, using easy-to-guess passwords for the Administrator account, according to alerts posted by a number of antivirus companies.

The new worm, W32/Deloder-A (Deloder), appeared on Sunday and is considered a low risk for infection, according to an alert posted by F-Secure Corp. of Helsinki, Finland.

Deloder is believed to have originated in China, F-Secure said.

The worm attempts to connect to other computers on a network through TCP (Transmission Control Protocol) port 445, randomly generating IP (Internet Protocol) addresses to locate vulnerable machines.

Port 445 is used to access shared files on Windows machines with the SMB (Server Message Block) protocol.

When a vulnerable Windows machine is located, the worm attempts to log on to the machine’s Administrator account by trying 50 likely passwords such as “admin,” “password,” “12345,” and “administrator,” F-Secure said.

If the worm succeeds in breaking the Administrator account password, it places copies of a backdoor, trojan program known as “inst.exe” in several locations on the infected machine.

The worm also modifies the machine’s registry to run another copy of itself, “DVLDR32.EXE,” according to advisories from F-Secure, Sophos PLC and Symantec Corp.

Machines running Windows 95, 98, NT, 2000, ME and XP are vulnerable to attack by Deloder, Symantec said.

No infections from Deloder have been reported and most firewalls block access to port 445. Still, many home computers without firewalls may be vulnerable to the new worm.

As of Monday morning, most antivirus companies posted updated virus definitions to detect the new Deloder worm, as well as utilities to remove the worm from infected machines.

Would you recommend this article?

0
0
Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Tweet This Facebook LinkedIn
Emerging Tech Administrator account, firewalls, home computers, passwords, Protocol
Xeon zooms over 3GHz
Xeon zooms over 3GHz
Break-in raises potential of identity theft
Break-in raises potential of identity theft

Related Content

Think multi-factor authentication can’t be hacked? Think again

Weak and re-used passwords still common, says vendor report

Warning: Ransomware may be copying all credentials on victims’ networks

Password lessons: Longer is better, so is salt

Tweets by itworldca

Follow
Tweet This Facebook LinkedIn google+

Subscribe
Resources CanadianCIO Digital Security CMO Digital CDN Magazine IT Salary Calculator LightningPR Webinars and Events Tech Research Partner Content
IT World Canada Community About Us Contact Us Technology Videos IT News IT Blogs Mobility News Cloud Computing Technology Topics ITWC Talks
ITWC Websites ITWC.ca Channel Daily News.com IT World Canada.com IT Business.ca Direction Informatique.com
© 2021 IT World Canada