Worm:Win32/Dorkbot.A
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 14,350 |
Threat Level: | 20 % (Normal) |
Infected Computers: | 927 |
First Seen: | December 4, 2012 |
Last Seen: | September 12, 2023 |
OS(es) Affected: | Windows |
Worm:Win32/Dorkbot.A is a dangerous variant of Dorkbot, a severe malware infection that spreads through a variety of vectors. Worm:Win32/Dorkbot.A has both backdoor capabilities and password stealing abilities. There are several ways in which Worm:Win32/Dorkbot.A spreads from one computer to another. This versatility is what has made Worm:Win32/Dorkbot.A particularly prevalent. Worm:Win32/Dorkbot.A spreads both through social engineering tactics and through direct attacks. More than 28 million of computers have been infected with Worm:Win32/Dorkbot.A since this worm was first detected in 2011.
Table of Contents
Social Engineering Scams Associated with Worm:Win32/Dorkbot.A
Worm:Win32/Dorkbot.A spreads through social media networks, using an infected computer to post spam links to the infected social media account and its contacts. The Worm:Win32/Dorkbot.A infection can also send out direct spam messages and emails from the infected computer. Since these require the victims to open the embedded link contained in the spam message, these can be prevented by using typical online browser security measures. Simply taking some time to verify a direct message from a contact that seems suspicious can mean the difference between keeping your computer healthy and a costly and destructive Worm:Win32/Dorkbot.A infection away.
Direct Infection Methods Associated with Worm:Win32/Dorkbot.A
Criminals can also distribute Worm:Win32/Dorkbot.A using vulnerabilities in JavaScript and other programs and platforms. Malicious Java applets can be uploaded to compromised websites so that they will download and install malicious files on the victim's computer (in this case Worm:Win32/Dorkbot.A). These kinds of attacks can be prevented by disabling Java if it is not necessary and always using a reliable anti-malware tool to protect your computer. Worm:Win32/Dorkbot.A can also spread using AutoRun exploits, although these have diminished in effectiveness since Microsoft released patches closing these loopholes.
The above distribution methods can be prevented by making sure that your operating system and all third party software are always completely updated with patches obtained directly from your software's developer. It is also important to exercise caution when clicking on unknown links or when downloading any kind of file. Finally, it is important to scan all removable memory devices and keep your network secured in order to avoid Worm:Win32/Dorkbot.A infections coming from these kinds of sources. The main reason why the Worm:Win32/Dorkbot.A worm has spread so effectively is its versatility and multiple attack vectors. Avoid becoming a victim by protecting all possible access points to your computer.
File System Details
# | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|
1. | %AppData%\"ozkqke.exe" |
Registry Details
URLs
Worm:Win32/Dorkbot.A may call the following URLs:
iconbecoming.com |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.