A backdoor is a malicious program, or sometimes a loophole deliberately left in the code of a legitimate program, that provides access to a device for unauthorized actions. The name describes it exactly: like a back door, it secretly lets an attacker into the system, granting administrator rights.
Backdoors are related to official remote administration utilities, but their functionality is usually broader. In addition to directly controlling processes at the system level and even the BIOS, backdoors can steal the user’s personal data, download and send files over the network, open access for viruses and worms, connect to remote hosts, and turn a computer into a “zombie” that is part of a botnet, all without the user noticing.
There are two types of backdoors by origin:
- An embedded software vulnerability. An example is the story of the popular NetSarang corporate server management software. A backdoor was discovered in its code, through which attackers gained access to confidential data of organizations using NetSarang. The manufacturing company attributed this to a mistake by the developers and quickly closed the vulnerability. This is the main problem with such “bugs”: it is almost impossible to prove that the manufacturer did not add them at the development stage for selfish purposes.
- A Trojan utility. Here, as with any Trojan, the user receives malware as a “bonus” for stinginess, curiosity and ignorance: from torrents, porn resources, or mail attachments.