Mysterious hackers are targeting PCs with vulnerable 6112 ports, security authority the Sans Institute said this week. The number of scans destined for port 6112 (dtspc) have increased fivefold since 21 January and Sans believes that this is because exploits exist . . .
Mysterious hackers are targeting PCs with vulnerable 6112 ports, security authority the Sans Institute said this week. The number of scans destined for port 6112 (dtspc) have increased fivefold since 21 January and Sans believes that this is because exploits exist for vulnerabilities on this port and systems are being compromised and backdoored. vnunet.com reported that this port was being actively exploited last week.

"The rootkits that have been discovered varied in style and naming, which usually indicates that they were installed by different parties," said a Sans spokesman. But he added that "worm like activity has not yet been seen in the wild".

The link for this article located at vunet is no longer available.