This Trojan infects poorly secured routers.
Supported architectures include, but is not limited to, the following:
The Trojan connects to the following remote location over HTTP or FTP:
The Trojan then starts a proxy which can forward HTTP and SMTP traffic.
The Trojan may then download potentially malicious files onto the compromised computer.
The Trojan may be used to send spam emails.
Symantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":