Symantec has warned users that a remote bot or “zombie” computer is being used to sniff out users who have not adequately patched their Veritas data back-up systems.
The bot, a machine hijacked by remote attackers without the knowledge of its owners, is searching for computers that have not installed a patch to protect the Veritas Backup Exec software.
The patch, which prevents unauthorised entry into systems, was released by Symantec at the end of 2004.
Symantec says however that the amount of traffic being generated by the bot indicates there are many unpatched systems out there.
The company says there has been a surge in scans of TCP port 6101, which is associated with Veritas Backup Exec.
Symantec said the bot was also being used to scan for vulnerabilities in other software, including Windows.
The security software supplier, which owns Veritas, has urged users to update their Veritas software and other systems.