1. Symantec/
  2. Security Response/
  3. W32.IRCBot


Risk Level 1: Very Low

July 8, 2002
October 29, 2008 6:41:54 PM
Also Known As:
W32/IRCbot.worm.dll!95744 [McAfee], W32/Spybot.worm!dx [McAfee], Generic BackDoor!csb [McAfee]
Trojan, Worm
Systems Affected:
W32.IRCBot is a detection for worms that spread using Internet Relay Chat (IRC). The IRC connection serves as a back door, allowing an attacker to perform a variety of actions on the compromised computer. An attacker usually gathers a large number of computers infected with W32.IRCBot worms and uses them as a bot network, controlled through IRC.

The use of IRC separates threats from their traditional back door and worm counterparts in that the hacker does not issue commands directly to the back door. Rather they are routed through the IRC server and channel, and then on to the compromised computer. Without the IRC server or channel, the attacker is unable to control the compromised computer.

Antivirus Protection Dates

  • Initial Rapid Release version July 9, 2002
  • Latest Rapid Release version March 19, 2018 revision 023
  • Initial Daily Certified version July 9, 2002 revision 007
  • Latest Daily Certified version March 19, 2018 revision 003
  • Initial Weekly Certified release date July 10, 2002
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Gor Nazaryan

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube