A Trojan that exploited an elevation of privileges (EoP) vulnerability in Microsoft Windows NT.
Sechole was a sophisticated Trojan that appeared on the Internet in 1998. Sechole infected Windows NT machines running Internet Information Services (IIS) through Hypertext Transfer Protocol (HTTP) connections to infected Web sites. The Trojan used debugging application programming interfaces (APIs) to elevate the IUSR_servername anonymous Internet account to administrative privileges, and then added additional user accounts to the Administrators local group on the IIS machine. This allowed attackers to gain full control over the compromised machine without requiring local console access.