1. /
  2. Security Response/
  3. W32.Zbot

W32.Zbot

Risk Level 1: Very Low

Discovered:
June 12, 2013
Updated:
June 12, 2013 4:45:19 PM
Type:
Worm
Infection Length:
250,000 Bytes
Systems Affected:
Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP
W32.Zbot is a worm that spreads through removable drives and attempts to steal confidential information from the compromised computer. It may also download configuration files and updates from the Internet.

For more information, please see the following resource:
Trojan.Zbot

Antivirus Protection Dates

  • Initial Rapid Release version June 12, 2013 revision 008
  • Latest Rapid Release version August 19, 2013 revision 006
  • Initial Daily Certified version June 12, 2013 revision 009
  • Latest Daily Certified version August 19, 2013 revision 017
  • Initial Weekly Certified release date June 12, 2013
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: High
  • Payload Trigger: Clicking on links in unsolicited emails.
  • Payload: Opens a back door, gathers information from the computer, steals sensitive information, may download additional files.
  • Releases Confidential Info: Steals confidential information.

Distribution

  • Distribution Level: Low
  • Target of Infection: Removable drives.
Writeup By: Santiago Cortes

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver