As detailed over at Shadowserver.org, this is a particuarly new and nasty beast. Called "Nugache", it has email capabilities, attacks various vulnerabilities and has crazy leet FTP skills. The FTP powers are lying dormant for the moment, however this will surely change when the all singing and dancing Nugache Mark 2 hits the streets.

Currently, the theory goes that (while spreading via P2P), if the IRC-based Command & Control center is shut down, some nifty P2P coding will "reclaim" the potentially lost bots and start the whole thing up again at a later date. Sounds like there's some messed up coding in this thing at present, so it shouldn't hit too hard for the moment. Just be extra careful in P2P land, because at some point this thing is going to bite down hard.

Good news is, we've detected this thing since early January and enterprise customers are safe. Home users will have to remain vigilant for the time being - but then, if you're using P2P you should be anyway...