Haxdoor: One Scary Bit of Malware

Malware attacks are a growing phenomenon. One piece of malware that is frighteningly powerful is Haxdoor, a backdoor pharming rootkit that steals your confidential information.

It can hide its presence (processes and files) on an infected system, so it can only be detected by anti-virus programs that use kernel drivers and by rootkit .

This backdoor has spying capabilities and, according to reports, it has lately been used to steal bank-related information (logins and passwords for online bank accounts) and other information.
According to F-Secure, Haxdoor hooks HTTP functionality in the system and uses it to redirect traffic, steal information and transmit it back to web servers controlled by the attacker. It has been reported that Haxdoor uses low-level access to the system’s network stack to perform pharming attacks.

One of the popular phishing attacks recently is the PayPal spam email. It works by opening a redirect session at Yahoo! The address begins with http://rds.yahoo.com/; click on the link and you’ll be redirected to a transitional page, which says the page has moved, and from there to the main phishing page.
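
A mail filter can catch this kind of link by checking where the redirect actually lands instead of trusting the Yahoo! hostname. The Python below is an added example, not code from the original post or from PCMag; the sample links, the `**` separator inside them and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Redirect services to inspect; rds.yahoo.com is the one named in the post.
REDIRECTOR_HOSTS = {"rds.yahoo.com"}

# An absolute URL embedded somewhere after the redirector's own host.
EMBEDDED_URL = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

# Constructed sample links (not taken from a real campaign).
SAMPLE_LINKS = [
    "http://rds.yahoo.com/x/**http%3a//phish.example/paypal/login",
    "http://rds.yahoo.com/x/**http%253a//phish.example/paypal/login",
    "http://rds.yahoo.com/x/**http%3a//www.paypal.com/",
    "http://www.paypal.com/",
]


def embedded_destination(link):
    """Return the URL hidden inside a redirector link, or None."""
    parts = urlsplit(link)
    if (parts.hostname or "").lower() not in REDIRECTOR_HOSTS:
        return None
    tail = parts.path + ("?" + parts.query if parts.query else "")
    # Decode up to three times so double-encoded destinations are found too.
    for _ in range(3):
        decoded = unquote(tail)
        if decoded == tail:
            break
        tail = decoded
    match = EMBEDDED_URL.search(tail)
    return match.group(0) if match else None


def is_suspicious(link, claimed_domain):
    """True when a redirector link lands outside the domain the mail claims."""
    dest = embedded_destination(link)
    if dest is None:
        return False  # not a redirector link; other checks must handle it
    host = (urlsplit(dest).hostname or "").lower()
    brand = claimed_domain.lower()
    return not (host == brand or host.endswith("." + brand))


if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(is_suspicious(link, "paypal.com"), embedded_destination(link))
```

The check only covers links that pass through a listed redirector; a message that links straight to a look-alike domain needs a separate rule.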

Read the full article here from PCMag.



