1. /
  2. Security Response/
  3. IRC Trojan

IRC Trojan

Risk Level 1: Very Low

June 16, 1998
June 7, 2007 9:58:19 PM
Infection Length:
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
IRC Trojan is a detection for Trojans use Internet Relay Chat (IRC). The IRC connection serves as a back door, allowing an attacker to perform a variety of actions on the compromised computer. An attacker usually gathers a large number of computers infected with IRC Trojan and uses them as a bot network, controlled through IRC.

The use of IRC separates threats from their traditional back door counterparts in that the hacker does not issue commands directly to the back door. Rather they are routed through the IRC server and channel, and then on to the compromised computer. Without the IRC server or channel, the attacker is unable to control the compromised computer.

Antivirus Protection Dates

  • Initial Rapid Release version March 10, 2004
  • Latest Rapid Release version February 25, 2015 revision 072
  • Initial Daily Certified version March 10, 2004 revision 007
  • Latest Daily Certified version February 25, 2015 revision 071
  • Initial Weekly Certified release date September 4, 1998
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy


  • Damage Level: Medium
  • Payload: Opens a back door and connects to an IRC server.
  • Releases Confidential Info: May steal information from the computer.
  • Compromises Security Settings: May bypass firewalls.


  • Distribution Level: Low
  • Ports: Uses non-standard IRC ports.
Writeup By: Ben Nahorney

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver