Trojan/Backdoor - PhatBOT Detection

Critical Nessus Network Monitor Plugin ID 1202


The remote host can be remotely controlled by a malicious user


The remote systems appears to have PhatBOT installed. This program allows the machine to be controlled via a P2P network. PhatBOT is extremely sophisticated and allows the remote attacker to use the victim machine to perform various actions.


Remove the trojan software from the infected machine and consider re-installing the operating system.

See Also

Plugin Details

Severity: Critical

ID: 1202

File Name: 1202.prm

Family: Generic

Published: 2004/08/20

Modified: 2016/01/15

Nessus ID: 12111

Risk Information

Risk Factor: Critical