NEWS FROM THE LAB - Monday, May 1, 2006

Nugache Posted by Mikko @ 18:31 GMT

There's a new bot (known as "Nugache") going around. This one is not creating botnets via IRC as they most often do - it's using a peer-to-peer network via TCP port 8.

This is not the first malware to create p2p networks of infected hosts - Linux worm Slapper premiered this technology already in 2002.

We currently detect this Nugache thingy as "Backdoor.Win32.SdBot.aqy".