Discovered on: February 20, 2002
Last Updated on: February 20, 2002 at 10:59:45 AM PST

Backdoor.Infector allows a hacker to remotely control an infected computer.

Type: Trojan Horse

Virus Definitions (Intelligent Updater): February 20, 2002
Virus Definitions (LiveUpdate™): February 20, 2002

Threat Assessment:
Damage: High

Payload Trigger: Running Backdoor.Infector
Releases confidential info: Stored passwords can be acquired
Compromises security settings: Allows unauthorized access to the compromised computer

Technical description:
When Backdoor.Infector is run, it does the following:

This can vary. The hacker can merge this backdoor Trojan with a valid program so that the actual Trojan goes unnoticed when it is run.

Hacker notification:
This Trojan can be configured to use ICQ or IRC to notify the hacker that it successfully compromised a system.

Communication with the hacker:
Backdoor.Infector allows the hacker to take control of the compromised system by opening a port. The port can be configured by the hacker who creates the backdoor. By default, it uses port 35000.
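Added example (not part of the original write-up): a defender-side check that parses Windows `netstat -ano` output and flags a listener on the default port 35000, plus any listener outside a host baseline, since the port is configurable. The sample output, the PIDs and the `EXPECTED_LISTENERS` baseline are constructed, and treating the backdoor port as TCP is an assumption.

```python
import re

DEFAULT_PORT = 35000  # default listening port given in the write-up above

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:35000          0.0.0.0:0              LISTENING       2312
  TCP    0.0.0.0:41877          0.0.0.0:0              LISTENING       2960
  TCP    192.168.1.20:49712     203.0.113.5:443        ESTABLISHED     3120
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:35000          *:*                                    1500
"""

# Hypothetical baseline of listener ports expected on this host.
EXPECTED_LISTENERS = {135, 445}

# Matches TCP sockets in LISTENING state only (assumption: the backdoor uses TCP).
LINE_RE = re.compile(
    r"^\s*TCP\s+(?P<addr>\S+):(?P<port>\d+)\s+\S+\s+LISTENING\s+(?P<pid>\d+)\s*$"
)

def find_suspect_listeners(netstat_text, expected=EXPECTED_LISTENERS):
    """Return (port, pid, reason) for each TCP listener worth investigating."""
    findings = []
    seen = set()
    for line in netstat_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # header, UDP, or non-listening socket
        port, pid = int(m.group("port")), int(m.group("pid"))
        if (port, pid) in seen:
            continue  # same listener reported for both IPv4 and IPv6
        seen.add((port, pid))
        if port == DEFAULT_PORT:
            findings.append((port, pid, "default Backdoor.Infector port"))
        elif port not in expected:
            # The port is configurable, so any unexplained listener matters.
            findings.append((port, pid, "listener not in baseline"))
    return findings

if __name__ == "__main__":
    for port, pid, reason in find_suspect_listeners(SAMPLE_NETSTAT):
        print(f"port {port} (PID {pid}): {reason}")
```

A match is a lead for investigation, not a verdict: the PID still has to be tied to a binary and checked against current virus definitions.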

Control features:
When Backdoor.Infector runs, it allows the hacker to take remote control of the compromised computer. The hacker's capabilities can include the ability to:
Fully control the file system
Upload to and download from the host computer
Run files of the hacker's choice
Manage running processes
Manipulate the registry
Display messages
Acquire passwords
Redirect TCP traffic from one specific port to another port and IP address
View the screen
Log key strokes
Perform annoying actions, such as manipulating the mouse, opening and closing the CD-ROM drive, turning the monitor on and off, and so on.

Discovered on: February 20, 2002
Backdoor.Subwoofer allows a hacker to remotely control an infected computer.