
Several Haxdoor Variants Impose Harmful Behavior

Several variants of the Haxdoor group of trojans have appeared over the last few days, PandaLabs reports. These trojans typically use 'rootkit' technology to steal personal user data and conduct online fraud and identity theft.

The Haxdoor variants that PandaLabs has identified have many common characteristics. These include their ability to install a rootkit program to hide processes, files, or entries.

The Haxdoor rootkit runs in kernel mode, although most of its attacks take place in user mode: it injects its attacks from the kernel into user mode. This is rather unique and unusual. The trojans use the rootkit to conceal themselves on the PC from the user and from most conventional security software.
All the Haxdoor variants aim to steal passwords to gain entry into popular Internet services like eBay, ICQ, PayPal and WebMoney, as well as many e-mail clients, including 'Outlook Express' and 'The Bat'. Haxdoor has infected over 2,300 people by installing a backdoor, keylogger and rootkit on their computers in order to extract private details unnoticed.

If a system has a firewall, the Haxdoor malware modifies it after compromising the computer so that it can execute its own malicious processes. The modifications remove the obstacles that a PC puts in the way of data theft and transmission.
PandaLabs has found several cases where attackers developed a Trojan variant and hosted it on corrupt websites. They then send out links to these websites through spam e-mails. Most anti-virus software cannot detect these new variants in the initial stages of their release, so the Trojan on the infected PC is often able to disable the anti-virus program and escape detection throughout.

According to Luis Corrons, director of PandaLabs, the writers of this malicious code seem to be mass-mailing the trojans as attachments to spam messages. The security firm therefore recommends deleting all suspicious or irrelevant messages. These trojans have serious implications, especially because they are capable of hiding their actions by using rootkit technology. The firm also suggests supplementing traditional anti-virus solutions with proactive technologies that base detection on behavioral analysis.


» SPAMfighter News - 23-10-2006
