Saturday, April 9, 2011

Hydraq, a Trojan Back-Door Remote Controller

Win32/Hydraq.B is a Trojan horse virus with a back-door remote controller. It allows the intruder to retrieve system and user information; shut down or reboot the system; execute commands on a remote shell; download and execute an arbitrary file (saved to %Temp%\mdm.exe); escalate user privileges; copy, move, or delete files; and many other things. Viruses such as this one are raising the stakes for IT security professionals.

This video from the Symantec Security Response blog shows how Hydraq works:
