We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Backdoor:Win32/Sdbot.A
Detected by Microsoft Defender Antivirus
Aliases: Win32/Sdbot.F (CA) Backdoor.Win32.SdBot.05.b (Kaspersky) W32/Sdbot.worm.gen (McAfee) W32/Sdbot-Fam (Sophos) Backdoor.Sdbot (Symantec) BKDR_SDBOT.BN (Trend Micro)
Summary
Backdoor:Win32/Sdbot.A is a backdoor Trojan that allows an attacker to take control of an infected computer. When a computer is infected, the Trojan connects to an Internet Relay Chat (IRC) server and joins a channel in order to receive commands from the controlling attacker. These commands can instruct the Trojan to perform a number of different actions.
Backdoor:Win32/Sdbot.A may download and install additional malicious software, thus manual removal is not recommended. To detect and remove this Trojan and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, visit http://www.microsoft.com/athome/security/downloads/default.mspx
Follow us
