Aliases: Virus.Win32.Blakan.2016, W95/Blakan.dr
Variants: W32/Blakan.2016.B, W95/Kante-2016

Classification: Malware
Category: Computer Virus

Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 17 Apr 2001
Damage: Low

Characteristics: The W95.Blakan.2016 program is an executable virus which infects Windows executable files by attaching its virus code, in such a way that the virus is executed whenever an infected file is opened.

More details about W95.Blakan.2016

The program is classified as an Internet Relay Chat (IRC) worm. Unsecured systems and computers on the network protected by weak passwords are prone to the infiltration of the W95.Blakan.2016 program. The program binds itself to the network shares to propagate to other computers within the network. The W95.Blakan.2016 program opens unutilized Transmission Control Protocol (TCP) ports to communicate with remote servers on the Internet. The application connects to an IRC server to listen form commands from remote users. The program stays resident on the system’s memory. The remote user may transmit instructions to the computer through an IRC channel. These remote commands may include management of files, termination of running processes, modification of system configuration or rebooting the system.

The backdoor created by the W95.Blakan.2016 program may also be used by other malware programs to enter the system without the user’s knowledge. These malware applications may include Remote Administration Tools (RATs), monitoring software, keyloggers, adware programs and Trojan downloaders. The connection established by the application is utilized by these security threats to communicate and retrieve from remote hosts on the World Wide Web.