Backdoor Trojans

A backdoor Trojan allows someone to take control of another user’s computer via the internet without their permission.

A backdoor Trojan may pose as legitimate software, just as other Trojan horse programs do, so that users run it. Alternatively – as is now increasingly common – users may allow Trojans onto their computer by following a link in spam mail.

Once the Trojan is run, it adds itself to the computer’s startup routine. It can then monitor the computer until the user is connected to the internet. When the computer goes online, the person who sent the Trojan can perform many actions – for example, run programs on the infected computer, access personal fi les, modify and upload fi les, track the user’s keystrokes, or send out spam mail.

Well-known backdoor Trojans include Subseven, BackOrifi ce and, more recently, Graybird, which was disguised as a fi x for the notorious Blaster worm.

To avoid backdoor Trojans, you should keep your computers up to date with the latest patches (to close down vulnerabilities in the operating system), and run anti-spam and anti-virus software. You should also run a fi rewall, which can prevent Trojans from accessing the internet to make contact with the hacker.

Sophos.com