We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Backdoor:Win32/Rbot.NC
Detected by Microsoft Defender Antivirus
Aliases: Backdoor.Win32.VanBot.dk (Kaspersky) Backdoor.Win32.VanBot.dk (Sunbelt Software) Trojan Horse (Symantec) BKDR_VANBOT.DK (Trend Micro)
Summary
Backdoor:Win32/Rbot.NC is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include (but are not limited to) instructions to spread to other computers via open network shares or by exploiting a vulnerability, or to launch denial of service (DoS) attacks against specified targets.
Backdoor:Win32/Rbot.NC may download and install additional malicious software, thus manual removal is not recommended. To detect and remove this Trojan and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, visit http://www.microsoft.com/athome/security/downloads/default.mspx
Follow us
