And uses Win32.Rootkit.l to hide its files and processes and to avoid detection

Sep 16, 2006 11:54 GMT

According to a security advisory published by MicroWorld Technologies, Backdoor.Rbot.ayg is a network-based Trojan horse that spreads via AOL Instant Messenger and by exploiting the service vulnerability MS06-040, along with earlier Windows vulnerabilities including MS03-049. Although the Redmond company has released security bulletins addressing these vulnerabilities, unpatched systems allow Backdoor.Rbot to keep spreading.

"What's worrying with these sorts of malware samples is that they show increased hybridization in code and Multiple Layering in mode of attack," stated Manoj Mansukhani, Head-Technology and Marketing, MicroWorld Technologies. "This is a Backdoor Trojan with network creeping abilities, which uses a Rootkit component to hide itself. For spreading, it employs dual channels of Instant Messenger and Vulnerability Exploitation while the Rootkit deposited in the computer can even be used by a future Trojan. All this points towards a lot of planning, improvisation and innovation that goes into creating and proliferating malware today."

Moreover, MicroWorld Technologies has disclosed that Backdoor.Rbot.ayg uses Win32.Rootkit.l to hide its files and processes and to avoid detection.

"If you are serious about security, you just can't be complacent in patching vulnerabilities in Operating Systems or other applications. However, regardless of security flaws in OS or elsewhere, you must be able to rely on your AntiVirus software to protect your system from all kinds of malware types," advised Sunil Kripalani, Vice President, Global Sales and Marketing, MicroWorld Technologies. "And that will be possible only when the security software combines multiple technologies that are proactive and reactive in nature and always keeps a few steps ahead of Virus writers."