In a latest alert, Internet Security Systems noted that there is a new version of Slapper worm out there. The modification, called Slapper.B has some changes:
- Slapper.B has a new function called, "mailme()" that sends an email to email@example.com containing the IP address and hostname of the infected computer and, the hostname of the server it is linked to.
- Slapper.B contains a new interactive backdoor function. Slapper.A allowed attackers to execute commands via the peer-to-peer network. Slapper.B has a supplemental backdoor that listens on TCP port 1052. Attackers must supply a password before Slapper.B grants an interactive command shell.
Read more at ISS X-Force