Backdoor
A backdoor is a malicious program, or sometimes a loophole deliberately left in the code of a legitimate program, that provides access to a device for unauthorised actions. A backdoor is exactly what its name suggests (back door): it secretly lets an attacker into the system by granting administrator rights.
Backdoors are similar to official remote administration utilities, but their functionality is usually broader. In addition to directly controlling processes at the system level and even the BIOS, backdoors can steal the user’s personal data, download and send files over the network, open access for viruses and worms, connect to remote hosts, and turn a computer into a ‘zombie’ that is part of a botnet, all without being noticed.
By origin, backdoors are of two types:
- Embedded software vulnerability. An example is the story of NetSarang, popular software for managing corporate servers. A backdoor was discovered in its code that allowed attackers to access confidential data of organisations using NetSarang. The vendor wrote it off as a developer error and quickly closed the vulnerability. This is the main problem with such ‘bugs’: it is almost impossible to prove that the vendor did not add them at the development stage for personal gain.
- Utility Trojan. Here, as with any Trojan, the user receives malware as a ‘bonus’ for his or her avarice, curiosity, and ignorance – from torrents, pornographic resources, and email attachments.