Scoop has an Ethical Paywall
Licence needed for work use Learn More

Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 

Symantec Security Response: Backdoor.Bardor.A

Symantec Security Response: Backdoor.Bardor.A

Today, Symantec Security Response discovered the first Windows CE (Pocket PC) backdoor Trojan -- Backdoor.Bardor.A. Once installed, the backdoor allows full control of the handheld system when it is restarted.

When the infected handheld is connected to the Internet, the backdoor sends the attacker the IP address of the handheld device. It then opens port 44299 and waits for further instructions from the attacker.

The backdoor only affects ARM CPU based Pocket PC devices. ARM CPU's are high-speed processors that are widely used in PDAs and other handheld devices because of their small size and low power requirements.

At this time, Symantec is categorizing the threat as a Level 1 threat. Threat Levels range from 1 to 5, 5 being the most severe.

"Backdoor server and Trojan horse programs often use enticing file names to trick users into executing them," said Oliver Friedrichs, senior manager, Symantec Security Response. "Users should not open or execute files from unknown sources."

Symantec's security experts recommend that compromised systems be completely reinstalled because of the ability of the remote user to perform so many different actions on the server system, including installation of applications. Additionally, users should delete the file /Windows/StartUp/svchost.exe.

ENDS


Advertisement - scroll to continue reading

© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Business Headlines | Sci-Tech Headlines

 
 
 
 
 
 
 
 
 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.