The Anti-virus Times

Tuesday, June 14, 2016

The word “backdoor” can be separated into two words: “back” and “door”. Backdoors really do open the door for attackers to gain access to an infected computer, and they do this covertly, without user consent.

Essentially, backdoors are malicious programs that can execute intruder commands and thus implement the widest range of features such as:

• stealing confidential information on the infected machine,
• sending attackers individual files,
• downloading, installing, and running a variety of programs.

It's safe to say that a computer compromised by a backdoor no longer belongs to its rightful owner; it’s at the disposal of cybercriminals.

Moreover, with the help of a backdoor, cybercriminals can plant information on the drive of an infected computer—information that compromises its owner or even issues a directive to render the system non-operational.

The backdoor can also be used as an “intermediate host” when attacking another computer — in this case, criminals can use the computer to obfuscate traces or complicate the investigation of an attack.

Computers running Windows aren’t the only ones subject to attack by backdoors— backdoors for Android are also quite common.

Android backdoors are malicious programs that infect mobile devices and, when commanded to do so by cybercriminals, can perform a variety of malicious actions.

These Trojans can:

• intercept and hide inbound short messages from the user;
• covertly send premium short messages;
• record audio with the device's microphone;
• acquire location data using GPS;
• upload to a remote server the contact information found on the device, as well as all available photos and videos of the victim;
• make calls;
• download and delete certain files;
• display annoying ads.

In addition to the above functionality, Android backdoors are increasingly being used to covertly install and remove programs — to accomplish this, the Trojans attempt to gain root access privileges in a compromised system. And, in some cases, such malicious applications inject themselves directly in the smartphone and tablet system directory where it is hard to detect them. When this happens, the Trojans acquire unlimited rights and can perform all their “dirty business” without the user’s consent.