{"id":14979,"date":"2014-07-16T20:38:50","date_gmt":"2014-07-16T20:38:50","guid":{"rendered":"http:\/\/kasperskydaily.com\/b2b\/?p=2245"},"modified":"2020-02-26T10:53:28","modified_gmt":"2020-02-26T15:53:28","slug":"knocking-on-a-backdoor-whats-behind-the-graphic-cybersecurity-term","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/knocking-on-a-backdoor-whats-behind-the-graphic-cybersecurity-term\/14979\/","title":{"rendered":"Knocking on a backdoor: what&#8217;s behind the graphic cybersecurity term"},"content":{"rendered":"<p>\u201cBackdoor\u201d is a very vivid, even graphic term that describes well the possible consequences of using this type of threat, but it says little (if anything) about the tech behind the term, which is actually quite peculiar and not easy to explain. But we will try.<\/p>\n<p>First of all, in computing a \u201cbackdoor\u201d is a method rather than a particular malicious program. The wording of security bulletins usually makes one think that a backdoor is a sort of malware: \u201cThis Trojan installs backdoor\u2026\u201d, etc., but in essence it is a method of bypassing normal authentication that allows hidden, illegal remote access to a computer. \u201cHidden\u201d doesn\u2019t mean \u201cundetectable\u201d, although the attacker would certainly prefer it that way.<\/p><blockquote class=\"twitter-pullquote\"><p>Backdoors are for entering silently.<\/p><\/blockquote>\n<p>The history of backdoors goes back to the late 1960s, when, according to Wikipedia, multiuser and networked operating systems became widely adopted. 
In a paper published in the proceedings of the 1967 AFIPS Conference, the threat was called a \u201ctrapdoor\u201d and related to the \u201centry points\u201d in software that allowed proper authentication to be bypassed; the name \u201cbackdoor\u201d is more widely used today.<\/p>\n<p>There are widely known examples of backdoors becoming a major plot element in movies or TV series. In the 1983 film <em>WarGames<\/em>, the creator of the WOPR military supercomputer had inserted a hardcoded password (his dead son\u2019s name) which gave the user access to the system, and to undocumented parts of the system (in particular, a video game-like simulation mode and direct interaction with the artificial intelligence).<\/p>\n<p style=\"text-align: left\">As <a href=\"https:\/\/business.kaspersky.com\/whats-so-big-about-big-data\/\" target=\"_blank\" rel=\"noopener nofollow\">mentioned earlier<\/a>, the TV series \u201cPerson of Interest\u201d features an AI superprogram \u201cMachine\u201d; its creators installed backdoor access for themselves in order to receive information on ordinary people in peril \u2013 and that\u2019s the starting point of the show\u2019s entire plot.<\/p>\n<p>\u201cInstalling a backdoor\u201d means not installing some malware, but rather altering the targeted software in order to create a means of bypassing at least some security and providing stealthy access to data.<\/p>\n<p style=\"text-align: center\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2014\/07\/06020043\/800-6-1.jpg\"><img decoding=\"async\" class=\"alignnone size-full wp-image-2247\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2014\/07\/06020043\/800-6-1.jpg\" alt=\"800-6\" width=\"800\" height=\"562\"><\/a><\/p>\n<p>It may sound odd, but the default passwords of devices and software packages are backdoors in their own right, unless changed by the user.<\/p>\n<p>Still, there is malicious 
software called \u201cbackdoor\u201d and \u201cTrojan backdoor\u201d: these are software modules that provide their operators with unsanctioned access to the infected system, possibly in order to exfiltrate information on a routine basis, or to make it part of a botnet that relays masses of spam or launches DDoS attacks at specific targets.<\/p>\n<p>Backdoors also make it possible <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/backdoor\/\" target=\"_blank\" rel=\"noopener\">to do anything the author wants on the infected computer<\/a>: send and receive files, launch files or delete them, display messages, delete data, reboot the computer, etc.<\/p>\n<p>Many computer worms from the past (Sobig, Mydoom, and many others) installed backdoors on the infected PCs. Lots of modern Trojans <a href=\"https:\/\/securelist.com\/glossary\/57231\/backdoor-trojans\/\" target=\"_blank\" rel=\"noopener\">have such components<\/a>.<\/p>\n<p>Backdoor Trojans are actually the most widespread and dangerous type of Trojans in general.<\/p>\n<p>The primary function of recent large-scale APTs, such as <a href=\"https:\/\/securelist.com\/blog\/incidents\/34344\/the-flame-questions-and-answers-51\/\" target=\"_blank\" rel=\"noopener\">Flame<\/a> and <a href=\"https:\/\/business.kaspersky.com\/miniduke-is-back\/\" target=\"_blank\" rel=\"noopener nofollow\">Miniduke<\/a>, discovered by Kaspersky Lab, is to serve as custom backdoors that make it possible to penetrate the targeted system and continuously exfiltrate various data.<\/p><blockquote class=\"twitter-pullquote\"><p>Backdoors are installed where the protective wall is thin or lacking.<\/p><\/blockquote>\n<p>Backdoors generally install some server component on the 
compromised machine. That server component then opens a certain port or service, allowing the attacker to connect to it using the client component of the backdoor software, making the infected box \u2013 or some software \u2013 remotely controlled without its user\u2019s knowledge.<\/p>\n<p>It\u2019s not about computers alone, however: a simple <a href=\"http:\/\/www.wpwhitesecurity.com\/wordpress-security\/wordpress-backdoor-administrator-account\/\" target=\"_blank\" rel=\"noopener nofollow\">PHP backdoor script can create an administrator account in WordPress<\/a>; there are <a href=\"https:\/\/securelist.com\/?s=android+backdoor&amp;x=0&amp;y=0&amp;search_nonce=1466b8cd96&amp;_wp_http_referer=%2F%3Fs%3Dbackdoor%2B%26x%3D17%26y%3D8%26search_nonce%3D1466b8cd96%26_wp_http_referer%3D%252Fen%252Fglossary%252F%253Fglossid%253D189208417\" target=\"_blank\" rel=\"noopener\">numbers<\/a> of Android Trojans, including <a href=\"https:\/\/securelist.com\/blog\/incidents\/58528\/the-first-tor-trojan-for-android\/\" target=\"_blank\" rel=\"noopener\">those using Tor<\/a>.<\/p>\n<p>The way to battle them? Security software and basic information hygiene. Most malware requires at least some degree of cooperation from end users; in other words, users are mostly tricked into installing it through simple social engineering, plain deceit or the exploitation of insufficient attention.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Backdoor is a very graphic term, but does it explain the tech behind it? 
We try to shed some light.<\/p>\n","protected":false},"author":209,"featured_media":15916,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3052],"tags":[1449,282,723],"class_list":{"0":"post-14979","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-backdoors","10":"tag-cybersecurity","11":"tag-trojans"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/knocking-on-a-backdoor-whats-behind-the-graphic-cybersecurity-term\/14979\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/knocking-on-a-backdoor-whats-behind-the-graphic-cybersecurity-term\/14979\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/knocking-on-a-backdoor-whats-behind-the-graphic-cybersecurity-term\/14979\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/backdoors\/","name":"backdoors"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/14979","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=14979"}],"version-history":[{"count":5,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/14979\/revisions"}],"predecessor-version":[{"id":33240,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/14979\/revisions\/33240"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/15916"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/w
p-json\/wp\/v2\/media?parent=14979"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=14979"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=14979"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}