[From CNET News.com]
A new variant of the Phatbot worm may be on the loose and attempting to attack SQL Server ports, according to a warning the SANS Institute issued Monday.
Last month, Phatbot made the rounds, attacking Windows systems by acting as a Trojan horse. Phatbot would then link infected computers into an underground network for sending spam or launching other attacks. SANS is currently in the process of attempting to capture a full packet of data–or an executable file–for further analysis of Phatbot.
The article continues at