New Backdoor Program Attacks HTTP Servers having Java Application

Security researchers at Trend Micro the anti-virus agency are reporting a backdoor kind of Trojan, which contaminates Hyper Text Transfer Protocol (HTTP) servers with Java installed, whilst lets attackers issue malevolent instructions to the underlying machines.

Dubbed BKDR_JAVAWAR.JG, the malware arrives disguised as one JSP (Java Server Page), which is certain kind of web-page solely served as well as deployed from a maliciously run server having Apache Tomcat -name of one Java Servlet holder.

It maybe noted that soon as the JSP is installed, it enables the attacker to access it from afar while utilize its functions for browsing, downloading, uploading, deleting, editing, alternatively copying various files and documents stored on the contaminated machine with the help of any Web-console medium. The function resembles that by Hyper Text Preprocessor (PHP)-based programs with backdoor capabilities, ordinarily given the name PHP Web-shells.

Trend Micro's researchers explain that cyber-criminals, by utilizing any password cracking code succeed in logging in as well as acquiring administrative or manager privileges, letting WAR files (Web Application Archives) to get deployed on the server after incorporating into them, the backdoor. They observe that there is an automatic addition of the backdoor to the obtainable JSPs. Securityweek.com published this in news on December 31, 2012.

Now, alongside acquiring admission to confidential details, the cyber-crook, who compromises the contaminated computer via the backdoor, as well manages to execute additional sinister instructions on the weakened Hyper Text Transfer Protocol server, the security investigators elaborate. Pcworld.com published this in news on December 30, 2012.

The malware, as per Trend Micro, affects computers running Windows 2000, 2003, XP, Vista as well as Windows 7. The agency assigned a "low" rating to the malware, in spite of its myriad capabilities.

However, the malware's threat can be lessened via adopting certain measures on the part of administrators and end-users. First, end-users must routinely enforce security updates that firms providing software issue, so software vulnerabilities aren't exploited. Second, they must not go to unknown Internet sites while bookmark and visit trustworthy websites alone. Finally, they must set strong passwords, which will counteract password cracking devices, Trend Micro concludes.

Related article: New Spam Mail Charges For IPod

» SPAMfighter News - 1/7/2013