Symantec Security Response: Backdoor.Bardor.A
Today, Symantec Security Response discovered the first Windows CE (Pocket PC) backdoor Trojan -- Backdoor.Bardor.A. Once installed, the backdoor allows full control of the handheld system when it is restarted.
When the infected handheld is connected to the Internet, the backdoor sends the attacker the IP address of the handheld device. It then opens port 44299 and waits for further instructions from the attacker.
The backdoor only affects ARM CPU-based Pocket PC devices. ARM CPUs are high-speed processors that are widely used in PDAs and other handheld devices because of their small size and low power requirements.
At this time, Symantec is categorizing the threat as a Level 1 threat. Threat Levels range from 1 to 5, 5 being the most severe.
"Backdoor server and Trojan horse programs often use enticing file names to trick users into executing them," said Oliver Friedrichs, senior manager, Symantec Security Response. "Users should not open or execute files from unknown sources."
Symantec's security experts recommend that compromised systems be completely reinstalled because of the ability of the remote user to perform so many different actions on the server system, including installation of applications. Additionally, users should delete the file /Windows/StartUp/svchost.exe.