The backdoor offers very simple functionality, mainly to load other components. It uses some common tricks to hide itself on the infected machine, in order to make it more difficult for a user to notice its presence.

The main commands that can be sent to the backdoor are: download and run an executable, download and install a plugin, update the bot itself, reboot the machine, and uninstall the bot. The main purpose of this backdoor is therefore to offer a gateway to the attacker so that he can download and install his own malware.

This backdoor is not very widespread yet, but it has the potential to evolve into a more dangerous threat in the future; as always, we recommend that users update their software and security products, and use common sense in order to avoid malware.

via Dream Loader: the new bot C&C engine of your dreams | Symantec Connect.
