Top 12 most dangerous backdoors in computer history
Below is a list of the 12 backdoors with the most subtle ways of operating in computer history.
A backdoor is a tool (a program or something program-related) that hackers install on a system to bypass the security barrier of a device or software remotely. Users are not aware of the existence of a backdoor until it is detected.
It is extremely difficult to detect backdoors in devices. Many of the best experts also know what this 'backdoor' malware does on the victim's computer and who controls it.
The 12 backdoors below rank among the malware with the most subtle ways of operating in computer history.
12. Back Orifice
Back Orifice is considered the first backdoor of its kind in history. It was created in 1998 by Cult of the Dead Cow, a group of notorious hackers.
The group used Back Orifice to remotely control machines over the network through port 31337, operating on Microsoft BackOffice Server, the predecessor of Windows Small Business Server.
After Back Orifice appeared, the world had to take a new, broader view of the dangers of backdoors and of the concept of Trojans: secret computer programs that destroy and harm computers.
11. DSL Backdoor
The DSL backdoor was discovered in late 2013 by Eloi Vanderbeken, a French software reverse engineer.
This backdoor allows an attacker to send commands from a shell command line to several routers built on Sercomm hardware, such as Linksys, Netgear, Cisco and Diamond, on TCP port 32764 without any authentication from the network administrator.
In the latest version of the firmware this vulnerability was patched, but Sercomm installed a similar backdoor in another way. To fix this problem, another patch was released in April 2014, but it only hid access to port 32764 and could not remove the TCP 32764 backdoor. To this day, experts still have not produced a complete official patch to "cure" this dangerous backdoor.
10. Backdoor in whole-disk encryption
This is a case of 'not a backdoor, but a feature', first discovered in 2007. PGP Whole Disk Encryption lets a password be added to the startup process of encrypted drives. Alarmingly, by default this password is no longer valid after the first time.
9. Hidden backdoor in pirated WordPress plug-ins
WordPress is currently one of the best-known blogging platforms, thanks to its powerful content management system and features. But the platform has many security problems. One of them is loopholes in how add-ons are managed. Exploiting this weakness, hackers have added backdoors to WordPress sites that are difficult for even experts to detect.
8. Backdoor in Joomla plug-ins
Joomla, an open source CMS, is also a victim of attacks carried out through the content management system (CMS).
The Joomla content management system is written in PHP, connects to a MySQL database and has loopholes in how it manages and installs extensions (especially free plug-ins).
Hackers took advantage of this to attack sites and take them down. Anyone who works with Joomla source code and wants to install a plug-in on their website must therefore be more careful.
7. ProFTPD backdoor
In 2010, hackers chose ProFTPD, a widely used open source FTP server, as a backdoor target. They gained access to the server hosting the source code and added code that let an attacker send a HELP ACIDBITCHEZ command to gain root access to the FTP server. After that, the hackers would use zero-day exploits in ProFTPD to break into websites and spread many kinds of malicious and dangerous computer viruses.
6. Borland Interbase 'backdoor'
From 1994 to 2001, Borland's engineers introduced a hard-coded backdoor into Borland (later Inprise) Interbase versions 4.0 to 6.0.
This backdoor is reached over the network on port 3050. Once logged in through it, hackers have full access to Interbase databases.
The login that opens the backdoor uses the username politically and the password correct.
5. Backdoor in Linux
In 2003, a hacker tried to insert a 'crafty' backdoor into the source code of the Linux kernel. Had it succeeded, this hacker could have gained administrative rights on the machine. Fortunately, a malware control utility promptly detected the backdoor.
4. Backdoor in tcpdump
In 2002, an anonymous user tried to insert a backdoor into the tcpdump utility on Linux (and even Unix).
The backdoor added a command and control mechanism to the tcpdump utility, operating on port 1963. It was quickly detected and removed.
3. NSA TAO hardware backdoors
According to recently revealed information, the Tailored Access Operations (TAO) team of the NSA (US National Security Agency) can install tracking hardware and software on electronic equipment before it reaches the buyer. A firmware backdoor for eavesdropping is added to hardware delivered to other countries.
In addition, many computers, peripheral devices and components such as hard drives also have monitoring software, created by the NSA itself, installed in their firmware.
In some cases, the spyware continues to function even if the user formats the hard drive or updates the firmware.
2. Windows _NSAKEY backdoor
According to the NSA, researchers discovered in Windows NT 4 Service Pack 5 a variable named _NSAKEY that came with a 1,024-bit public key.
Many experts believe that Microsoft colluded with the NSA and secretly granted it this backdoor to access encrypted data on Windows. Although Microsoft has denied this allegation, suspicion is inevitable.
1. Dual Elliptic Curve backdoor
It has been reported that the NSA paid RSA $10 million for the company to design the Dual Elliptic Curve system, a random number generator based on elliptic curves that is widely used on the Internet and in computer security programs, with a flaw or "backdoor" that allows the NSA to decrypt data.
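Several entries in this list name a TCP port (31337, 32764, 3050, 1963), which an administrator can check for on their own hosts. The following is an added example, not part of the original article: it parses `ss -tlnH` output (a constructed sample is embedded) and reports listeners on those ports and whether they are bound beyond loopback. The function names and labels are illustrative assumptions.

```python
import ipaddress

# Ports this article associates with historical backdoors.
BACKDOOR_PORTS = {
    31337: "Back Orifice",
    32764: "Sercomm router backdoor",
    3050: "Borland Interbase backdoor",
    1963: "tcpdump backdoor",
}

# Constructed sample of `ss -tlnH` output (listening TCP sockets, numeric,
# no header). Columns: State Recv-Q Send-Q Local:Port Peer:Port
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 0.0.0.0:32764 0.0.0.0:*
LISTEN 0 128 127.0.0.1:3050 0.0.0.0:*
LISTEN 0 128 [::]:443 [::]:*
LISTEN 0 16 [::1]:31337 [::]:*
LISTEN 0 16 *:8080 *:*
"""


def split_addr(local):
    """Split an ss 'address:port' column (IPv4, [IPv6] or '*') into parts."""
    addr, _, port = local.rpartition(":")
    return addr.strip("[]"), int(port)


def is_loopback(addr):
    """True only for addresses that other hosts cannot reach."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # '*' or a scoped address: treat as reachable


def find_backdoor_listeners(ss_output):
    """Return sorted (port, label, address, exposed) for the listed ports."""
    hits = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        try:
            addr, port = split_addr(fields[3])
        except ValueError:
            continue  # local address column did not end in a numeric port
        if port in BACKDOOR_PORTS:
            hits.append((port, BACKDOOR_PORTS[port], addr, not is_loopback(addr)))
    return sorted(hits)
```

A match is only a prompt to investigate: 3050 is also the regular Interbase service port, and a backdoor does not have to keep its historical port.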