Backdoors

Total Backdoors parasites in our DB: 158
Backdoors added today: 0
 
 

WHAT IS BACKDOOR?

A backdoor is a malicious computer program or particular means that provide the attacker with unauthorized remote access to a compromised system exploiting vulnerabilities of installed software and bypassing normal authentication. A backdoor works in background and hides from the user. It is very similar to a virus and therefore is quite difficult to detect and completely disable. A backdoor is one of the most dangerous parasite types, as it allows a malicious person to perform any possible actions on a compromised computer. The attacker can use a backdoor to spy on a user, manage files, install additional software or dangerous threats, control the entire system including any present applications or hardware devices, shutdown or reboot a computer or attack other hosts. Often a backdoor has additional harmful capabilities like keystroke logging, screenshot capture, file infection, even total system destruction or other payload. Such parasite is a combination of different privacy and security threats, which works on its own and doesn’t require to be controlled at all.

Most backdoors are autonomic malicious programs that must be somehow installed to a computer. Some parasites do not require the installation, as their parts are already integrated into particular software running on a remote host. Programmers sometimes left such backdoors in their software for diagnostics and troubleshooting purposes. Hackers often discover these undocumented features and use them to break into the system.

Generally speaking, backdoors are specific trojans, viruses, keyloggers, spyware and remote administration tools. They work in the same manner as mentioned viral applications do. However, their functions and payload are much more complex and dangerous, so they are grouped into one special category. Navigate to Backdoor parasites

Newest Backdoors

go.speedbit.com

January 23rd, 2014
go.speedbit.com is another search engine, which belongs to 'potentially unwanted program' category. No matter that it can't harm computer in any way, it can easily initiate changes in system settings and take over the homepage or default search engine. As soon as it does that, it starts pretending a reliable... More...

Briba

June 5th, 2012
Briba is a malicious Trojan horse that is made to open a backdoor connection for a remote attacker to the compromised computer. It modifies the system registry to run itself automatically each time windows starts. Also, it drops itself to several locations, to make it harder to delete.Then Briba opens... More...

Ritsol

June 5th, 2012
Ritsol is a malicious Trojan horse that is made to create a backdoor on a compromised computer. Usually it is dropped by another Trojan, to make sure to sneak in the PC without notice. It copies itself to several different locations, and modifies the registry, so that it could start... More...

DATABASE OF Backdoors PARASITES

# | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
    27
    1
  • "You have been sent a video" email March 4th, 2009 No Comments
    "You have been sent a video" is a scam e-mail message. It claims that your friend has recommended you to see certain vid...
  • 20CN v1.01 May 24th, 2005 No Comments
    A backdoor made in China. A server program writes itself in Windows system folder, and then a hacker can access your ...
  • 3 x Backdoor May 24th, 2005 No Comments
    A backdoor made by Polish hackers. Written in Delphi language. A server program writes itself to your computer, and then...
  • 51D 1b May 24th, 2005 No Comments
    A backdoor written in Delphi language in 2004. The server writes itself in the Windows directory, and with a client prog...
  • AIMVision October 8th, 2005 No Comments
    AIMVision is a backdoor that gives the attacker unauthorized remote access to a compromised computer. Once executed, the...
  • Akbot December 28th, 2005 No Comments
    Akbot is an IRC-controlled backdoor, which provides the attacker with unauthorized remote access to the compromised comp...
  • Amitis October 8th, 2005 No Comments
    Amitis is a dangerous backdoor that gives the remote attacker full unauthorized access to a compromised computer. The th...
  • Amitis.c January 19th, 2007 No Comments
    Amitis.c is a backdoor that provides the attacker with unauthorized remote access to the compromised computer. The intru...
  • Asb February 21st, 2006 No Comments
    Asb is a backdoor that provides the attacker with unauthorized remote access to the compromised computer. It allows the ...
  • Backdoor.Barkiofork May 3rd, 2012 No Comments
    Backdoor.Barkiofork is a malicious Trojan horse, which is made to open a backdoor on the infected computer. It spreads t...
  • Backdoor.Lithium May 24th, 2005 No Comments
    A quite dangerous backdoor. A server program writes itself to your computer, and then a hacker can get remote access ...
  • Backdoor.Nitol May 2nd, 2012 No Comments
    Backdoor.Nitol is a malicious Trojan Horse, which opens a backdoor on the infected computer. When it gets executed on th...
  • Backdoor.Win32.TheThing.a May 27th, 2008 No Comments
    Backdoor.Win32.TheThing.a used to be a real backdoor trojan. Now, however, its name is used to falsely promote rogue ant...
  • Backdoor.Winnti May 2nd, 2012 No Comments
    Backdoor.Winnti is a malicious Trojan Horse, which opens a backdoor on the infected computer. This Trojan exploits PDF f...
  • BanBot December 11th, 2005 No Comments
    BanBot is a backdoor that provides the attacker with unauthorized remote access to a compromised computer. The intruder ...
  • Banito September 28th, 2005 No Comments
    Banito is a very dangerous backdoor that gives the attacker unauthorized remote access to a compromised computer. The pa...
  • Bebshell February 25th, 2006 No Comments
    Bebshell is a backdoor that provides the attacker with unauthorized remote access to the compromised computer. The intru...
  • Bias November 15th, 2006 No Comments
    Bias is a backdoor that provides the attacker with unauthorized remote access to the compromised computer. The intruder ...
  • Bifrost GI March 18th, 2009 No Comments
    Bifrost GI is a backdoor application that gives a remote unauthorized access to the system. This parasite enters PC thro...
  • Blurax June 2nd, 2008 1 Comments
    Blurax is a backdoor that provides the attacker with unauthorized remote access to the compromised computer. It allows t...
1 | | 3 | 4 | 5 | 6 | 7 | 8 | NEXT

WAYS OF INFECTION

Only few backdoors are able to propagate themselves and infect the system without user knowledge. Most parasites must be manually installed as any other software with or without user consent. There are four major ways unsolicited threats can get into the system.

1. Typical backdoors can be accidentally installed by incautious and unaware users. Some backdoors come attached to e-mail messages or are downloaded from the Internet using file sharing programs. Their authors give them unsuspicious names and trick users into opening or executing such files.
2. Backdoors often are installed by other parasites like viruses, trojans or even spyware. They get into the system without user knowledge and consent and affect everybody who uses a compromised computer. Some threats can be manually installed by malicious local users who have sufficient privileges for the software installation. Few backdoors are able to spread by exploiting remote systems with certain security vulnerabilities.
3. Several backdoors are already integrated into particular applications. Even legitimate programs may have undocumented remote access features. The attacker needs to contact a computer with such software installed in order to instantly get full unauthorized access to the system or take over control over certain software.
4. Some backdoors infect a computer by exploiting certain software vulnerabilities. They work similarly to worms and automatically spread without user knowledge. The user cannot notice anything suspicious, as such threats do not display any setup wizards, dialogs or warnings.

Widely spread backdoors affect mostly computers running Microsoft Windows operating system. However, lots of less prevalent parasites are designed to work under different environments.

WHAT A BACKDOOR DOES?

- Allows the intruder to create, delete, rename, copy or edit any file, execute various commands, change any system settings, alter the Windows registry, run, control and terminate applications, install arbitrary software and parasites.
- Allows the attacker to control computer hardware devices, modify related settings, shutdown or restart a computer without asking for user permission.
- Steals sensitive personal information, valuable documents, passwords, login names, identity details, logs user activity and tracks web browsing habits.
- Records keystrokes a user types on a computer’s keyboard and captures screenshots.
- Sends all gathered data to a predefined e-mail address, uploads it to a predetermined FTP server or transfers it through a background Internet connection to a remote host.
- Infects files, corrupts installed applications and damages the entire system.
- Distributes infected files to remote computers with certain security vulnerabilities, performs attacks against hacker defined remote hosts.
- Installs hidden FTP server that can be used by malicious persons for various illegal purposes.
- Degrades Internet connection speed and overall system performance, decreases system security and causes software instability. Some parasites are badly programmed, they waste too much computer resources and conflict with installed applications.
- Provides no uninstall feature, hides processes, files and other objects in order to complicate its removal as much as possible.

EXAMPLES OF BACKDOORS

There are lots of different backdoors. The following examples illustrate how functional and extremely dangerous these parasites can be.

Litebot is a backdoor that allows the remote attacker to download and execute arbitrary files from the Internet. The parasite decreases overall system security by changing default Windows firewall settings. Litebot main files have random names, so it is quite difficult to detect and get rid of. The backdoor automatically runs on every Windows startup.

Remote Connection, also known as RedNeck, is a dangerous backdoor that gives the intruder full access to a compromised system. The parasite can shutdown or restart a computer, manage files, record user keystrokes, install and run various programs, take screenshots and perform other malicious actions.

Tixanbot is an extremely dangerous backdoor that gives the remote attacker full unauthorized access to a compromised computer. The intruder can manage the entire system and files, download and install arbitrary applications, update the backdoor, change Internet Explorer default home page, attack remote hosts and obtain system information. Tixanbot terminates running essential system services and security-related processes, closes active spyware removers and deletes registry entries related with firewalls, antivirus and anti-spyware software in order to prevent them from running on Windows startup. The parasite also blocks access to reputable security-related web resources. Tixanbot can spread. It sends messages with certain links to all MSN contacts. Clicking on such a link downloads and installs the backdoor.

Resoil FTP is a backdoor that gives the hacker remote unauthorized access to an infected computer. This parasite runs a hidden FTP server, which can be used to download, upload and run malicious software. Resoil FTP activity may result in noticeable computer performance loss and user privacy violation.

CONSEQUENCES OF A BACKDOOR INFECTION

A backdoor allows the attacker to work with an infected computer as with its own PC and use it for various malicious purposes or even criminal offences. The responsibility for such activity is usually assumed by guiltless users on which systems backdoors were installed, as in most cases it is really hard to find out who was controlling a parasite.

Practically all backdoors are very difficult to detect. They can violate user privacy for months and even years until the user will notice them. The malicious person can use a backdoor to find out everything about the user, obtain and disclose priceless information like user’s passwords, login names, credit card numbers, exact bank account details, valuable personal documents, contacts, interests, web browsing habits and much more.

Backdoors can be used for destructive purposes. If the hacker was unable to obtain any valuable and useful information from an infected computer or have already stole it, he eventually may destroy the entire system in order to wipe out his tracks. This means that all hard disks would be formatted and all the files on them would be unrecoverably erased.

HOW TO REMOVE A BACKDOOR?

Backdoors work in the same manner as the computer viruses and therefore can be found and removed with the help of effective antivirus products like Symantec Norton AntiVirus, Kaspersky Anti-Virus, McAfee VirusScan, eTrust EZ Antivirus, Panda Titanium Antivirus, AVG Anti-Virus. Some advanced spyware removers, which are able to scan the system in a similar way antivirus software does and have extensive parasite signature databases can also detect and remove certain backdoors and related components. Powerful anti-spyware solutions such as Spyware Doctor, Microsoft AntiSpyware Beta, Spybot - Search & Destroy, Ad-Aware SE, SpyHunter, eTrust PestPatrol are known for quite fair backdoor detection and removal capabilities.

In some cases even an antivirus or spyware remover can fail to get rid of a particular backdoor. That is why there are Internet resources such as 2-Spyware.com, which provide manual malware removal instructions. These instructions allow the user to manually delete all the files, directories, registry entries and other objects that belong to a parasite. However, manual removal requires fair system knowledge and therefore can be a quite difficult and tedious task for novices.

Additional resources related to Backdoors:

Attention: If you know or you have a website or page about Backdoors removal, feel free to add a link to this list: add url



more resources

Spreading the knowledge:

It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!
add text box
rss feed
help other
Like us on Facebook
Latest spyware news:
Subscribe to spyware news
Please enter your e-mail address:
If you do not want to receive our spyware
newsletter please unsubscribe here
48601 Subscribers
Ask us