Intrusion Prevention

Danmec.Asprox

Description

The Asprox trojan is designed to create a spam botnet and send spam emails. It installs as a system service named "Microsoft Security Center Extension". It uses Google to search for .asp pages, then sends blind SQL-injection attack requests to the websites that are found.

Affected Products

Any website based on ASP technologies and using Microsoft SQL server as the backend database server.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Use antivirus software to scan and clean the system. Apply the most recent upgrades or patches from the vendor.