The Channel logo


By | John Leyden 3rd March 2006 13:50

'Keylogger text' spooks Symantec

Boo to a (Norton) ghost

Script kiddies have latched onto a minor glitch in Symantec security software to boot users off Internet Relay Chat (IRC) channels. Typing “startkeylogger” or “stopkeylogger” in an IRC channel results in the involuntary logoff of users of Norton Firewall and Norton Internet Security suites, The Washington Post reports.

The commands mimic those used by the infamous Spybot worm, a botnet client with multiple variants, some of which spread over IRC and peer-to-peer file-swapping networks, that installs a backdoor onto compromised systems. Symantec’s software doesn’t recognise the context of the commands and therefore takes fright, exiting IRC channels with the response “Read error: Connection reset by peer” whenever the dreaded Spybot-style phrases are uttered. A number of IRC channels have reportedly started filtering out the phrase.

Symantec said it would fix the bug, which is best described as a “minor quirk”. IRC channels are full of pranksters and mischief makers who’ve undoubtedly had some fun with the Symantec glitch, even though it’s unlikely to have affected more than a handful of people. ®

alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe