

An attacker may compromise a vendor's Web site and plant Trojan copies of its software. A Trojan can be sent in an e-mail disguised as an attractive piece of software, or, ironically, as a security update. There are many vectors for Trojan software. Trojan software is software that looks legitimate, but is actually used as a vehicle for conducting malicious activity on a host.

Multiple workspaces can be opened for manipulating systems running the BO2K server.

In Host Integrity Monitoring Using Osiris and Samhain, 2005

Trojans

When running this control, you will notice it is immediately different from the previous version of Back Orifice by the use of a 'workspace'.

Systems Tested:
Bo2K Server - Windows 95 v4.00.950, 4.00.950C and Windows 98 v, vA
Bo2K Client: Windows 95 v4.00.950 C, Windows 98 v and vA

Back Orifice 2000 was released as Bo2KUS.ZIP with the following binaries:
Bo2k.exe - 136kb, BO2K server component
Bo2kcfg.exe - 216kb, BO2K configuration tool
Bo2kgui.exe - 568kb, BO2K client component
Bo3des.dll - 24kb, plugin - triple DES module
Bopeep.dll - 52kb, plugin - remote console manager

Client Component: BO2KGUI.EXE is the client component. It operates as a remote access trojan, or RAT.

Back Orifice 2000 allows hackers to take control of a person's PC over the Internet, but only if the victim has been tricked into installing the Back Orifice software on the local machine.

Virus Characteristics

This page last modified February 3, 2000.

The registry is modified in the following location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
'UMGR32.EXE'='C:\WINDOWS\SYSTEM\UMGR32.EXE e'

(Note: the actual file name does not have a .EXE extension; it is .EXE followed by 230 spaces and then the letter 'e'.)

Windows NT Systems: By default, the file UMGR321.EXE (DOS 8.3 name) is written to the 'c:\winnt\system32' folder.
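A defender-side check for the padded file name described above, as an added example that is not part of the original page: it scans autorun values for an extension-like token followed by a long run of spaces that hides the real ending of the name. The function name, the 8-space threshold and the sample entries are assumptions constructed for illustration.

```python
import re

# Assumption of this example: 8 or more consecutive spaces after an
# extension-like token is treated as padding. The case on the page uses 230.
PAD_THRESHOLD = 8

# shown: what a truncated display would show (e.g. "UMGR32.EXE")
# pad:   the run of spaces
# tail:  the characters after the padding, i.e. the real end of the name
PADDED = re.compile(
    r"(?P<shown>[^\\/]*?\.[A-Za-z0-9]{1,4})(?P<pad> {%d,})(?P<tail>\S*)"
    % PAD_THRESHOLD
)

def find_padded_autoruns(entries):
    """entries: iterable of (value_name, data) pairs read from a Run or
    RunServices key. Returns one finding per entry whose file name hides
    its real ending behind a run of spaces."""
    findings = []
    for name, data in entries:
        m = PADDED.search(data)
        if m is None:
            continue
        findings.append({
            "value": name,
            "shown_as": m.group("shown"),
            "pad_len": len(m.group("pad")),
            "real_tail": m.group("tail"),
        })
    return findings

# Constructed sample data: the first entry follows the page's description
# (".EXE", 230 spaces, then "e"); the second is an ordinary autorun command.
SAMPLE = [
    ("UMGR32.EXE", "C:\\WINDOWS\\SYSTEM\\UMGR32.EXE" + " " * 230 + "e"),
    ("LoadPowerProfile", "Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"),
]

if __name__ == "__main__":
    for f in find_padded_autoruns(SAMPLE):
        print("%(value)s: shown as %(shown_as)r, %(pad_len)d spaces, "
              "real ending %(real_tail)r" % f)
```

The same pattern can be run over file names from a directory listing of the system folder, since the padding is part of the name on disk as well as in the registry value.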
