Back Orifice (aka BackOrifice2K) is a cyber threat at the top of the danger level scale. It’s a very dangerous Remote Administration Tool that lets cyber criminals access your computer remotely and do with it whatever they want. In the number of malicious activities it can initiate, this Back Orifice Trojan surpasses other cyber threats, such as ransomware or spyware. This remote administration tool was developed by a group of people who call themselves “The Cult of the Dead Cow”. It was written in the C++ programming language. It started spreading in 1995, which is a long time ago, so it’s natural that various versions of this threat have emerged. Some of the versions include such functions as “hijacker”, “password capture”, “keylogger” etc.
What activities does Back Orifice perform?
Back Orifice Remote Administration Tool is programmed to access computers remotely and then perform a variety of functions. To illustrate its abilities, we will list some of its traits. Back Orifice can:
- Spawn a text-based application on a TCP port.
- Stop an application from listening for connections.
- List the applications currently listening for connections.
- Create a directory. List files and directories. You must specify a wildcard if you want more than one file to be listed. Remove a directory.
- Create an export on the server. Delete an export.
- List currently shared resources (name, drive, access, password).
- Log keystrokes on the server machine to a text file. End keyboard logging. To end keyboard logging from the text client, use ‘keylog stop’.
- Disconnect the server machine from a network resource. Connect the server machine to a network resource.
- View all network interfaces, domains, servers, and exports visible from the server machine.
- Ping the host machine.
- Return the machine name and the BO version number.
- Execute a Back Orifice plugin. Tell a specific plugin to shut down. List active plugins or the return value of a plugin that has exited.
- Redirect incoming TCP connections or UDP packets to another IP address. Stop a port redirection.
- Create a key in the registry. Delete a key from the registry. Delete a value from the registry, etc.
How can Back Orifice infect the system?
According to security experts, it’s not possible to know when Back Orifice’s attack is taking place, so it’s very important to ensure full system protection. Typically, the cyber criminals behind this infection spread it via spam e-mails. Once a computer user clicks on the attachment, the virus is executed and roots deep into the system. Consequently, the machine can start working abnormally because hackers may start viewing and modifying the files and registries on your computer. Back Orifice Trojan can log your keystrokes, log files, take screenshots and send them to hackers, or can simply crash the computer. Thus, this virus needs removal ASAP. It goes without saying that such a malicious application cannot be removed manually. Thus, if you suspect it to be hiding in your computer, our recommendation would be to check the system with Reimage, Intego, SpyHunter 5, Combo Cleaner or Malwarebytes.