We have been receiving a few scattered cases of outbreaks from a file labeled snkb00ptz.exe or snkb0ptz.exe, but it seems to be on the rise.
It's normally considered poor troubleshooting to use the file name for any type of identification of a threat, but recent examples have made this practical. Even though these files were detected as many different threat names and families (Trojan.gen, w32.IRCBot.NG, Downloader, etc), the cases all reported the same behavior and symptoms.
After some additional investigation, Symantec Security Response has broken out detection for W32.Inabot. That's short for the Insomnia IRC bot. More information is available from the makers of this threat in their manual, here: http://pastebin.com/dvpu8Zwb
For those of you familiar with W32.Changeup, much of this...