RavMonE virus

The RavMonE virus, also known as W32/Rjump, is a virus that opens a back door on a computer running Windows, creates a copy of itself in the Windows system directory and creates a log file containing the port number on which its back door component listens. When a computer becomes infected, the virus allows hackers to gain access to its files and programs.

W32/Rjump can spread on the Internet through e-mail attachments. It can also be transmitted through portable devices such as flash memory, external storage media, digital cameras and multimedia players. Such devices, even if they do not themselves run Windows, can acquire the virus from Windows-based computers and transmit it to other Windows-based computers. In mid-October 2006, Apple reported that a number of video iPods had shipped from a contract manufacturer with RavMonE already installed.

Most antivirus software, if kept up-to-date and run regularly, can detect and remove W32/Rjump before it can cause any harm.

Read more about RavMonE virus: - On SearchSecurity.com, Bill Brenner discusses contaminated iPods in the workplace. - McAfee describes the technical aspects of W32/Rjump and provides countermeasures. - The RavMonE virus mysteriously turned up on a few video iPods that were shipped in September 2006.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT New defenses for automated SQL injection attacks By automating SQL injection attacks, hackers have found a way to expedite the process of finding and exploiting vulnerable websites. The old defenses... Information security book excerpts and reviews Visit the Information Security Bookshelf for book reviews and free chapter downloads. Yahoo, McAfee to warn users of dangerous websites Websites suspected of spreading malicious programs or spamming and phishing campaigns will be highlighted in search results.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bot worm  (SearchSecurity.com) A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself... cache poisoning  (SearchSecurity.com)