Radware issues immediate protection against the 'Gangsta.exe' trojan horse

Dark Reading Staff, Dark Reading

September 19, 2007

1 Min Read

TEL AVIV -- Radware (NASDAQ: RDWR), the leading global provider of integrated application delivery solutions for business-smart networking, today announced the immediate protection against the “Gangsta.exe” Trojan horse attack.

Radware’s Security Operation Center (SOC) received reports of massive infections created by the ‘gangsta.exe’ Trojan horse attack. The attack spreads by means such as email, network shares and web sites. The Trojan horse contains an embedded IRC engine which allows the attacker to communicate with the infected host through an IRC channel. The attacker can then gain remote control on the attacked machine allowing it to disclose information or launch denial of service attacks.

Radware’s SOC has immediately released protection for this incident, which protects against all spread vectors of this Trojan including HTTP, SMB and SMTP traffic that might contain the Trojan as a potential payload. In addition, the protection also prevents the use of IRC communications by an infected host reporting to the attacker

“After detecting an emergent threat within our network we contacted Radware Security Operation Center (SOC) with a copy of the virus,” reported Computer Security, University of Alberta. “Within six hours the SOC provided an emergency update to our DefensePro detecting and blocking this virus in order to protect the University of Alberta's network from further infection.”

Radware Ltd. (Nasdaq: RDWR)

Read more about:


About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights