1. /
  2. Security Response/
  3. W32.IRCBot


Risk Level 1: Very Low

July 8, 2002
October 29, 2008 6:41:54 PM
Also Known As:
W32/IRCbot.worm.dll!95744 [McAfee], W32/Spybot.worm!dx [McAfee], Generic BackDoor!csb [McAfee]
Trojan, Worm
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
W32.IRCBot is a detection for worms that spread using Internet Relay Chat (IRC). The IRC connection serves as a back door, allowing an attacker to perform a variety of actions on the compromised computer. An attacker usually gathers a large number of computers infected with W32.IRCBot worms and uses them as a bot network, controlled through IRC.

The use of IRC separates threats from their traditional back door and worm counterparts in that the hacker does not issue commands directly to the back door. Rather they are routed through the IRC server and channel, and then on to the compromised computer. Without the IRC server or channel, the attacker is unable to control the compromised computer.

Antivirus Protection Dates

  • Initial Rapid Release version July 9, 2002
  • Latest Rapid Release version November 29, 2015 revision 025
  • Initial Daily Certified version July 9, 2002 revision 007
  • Latest Daily Certified version November 29, 2015 revision 032
  • Initial Weekly Certified release date July 10, 2002
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Gor Nazaryan

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report