Phatbot was reported to us last week by a reporter from the Washington
Post (sigh), but no reputable antivirus organizations that we could locate
were providing protection from Phatbot and I didn't see any firsthand
infections to submit to Symantec, so we instead blocked the ports on
which it travels. As of today Symantec has finally detected Phatbot as
W32.HLLW.Polybot. Virus definitions for March 19 (intelligent update) or
March 24 (live update) will detect Phatbot, but they are not out yet.
A much more eloquently written account from LURHQ:
I'll update the lists when there are tools/defs for removal.