Here are most dangerous backdoor was rated as ” cunning ” in the history of computers . These types of malicious ” back door makes many best experts also difficult to know what they are doing on the computer of the victim and who the driver .
First of all , you need to know what is backdoor ? This is the concept to a type of Trojan , after being installed on the victim machine will automatically open a service port that allows the attacker ( hacker ) can connect remotely to a victim machine , from which it will receive and carry out commands given attacker .
Typically , the software identifies are using are safe or not which is very difficult , then to find and detect the Trojan ” backdoor ” is doubly problematic . The discovery of the backdoor and dangerous mode of operation with very delicate as the following types is not a simple matter .
1) Back Orifice
Is considered the first in the history backdoor , Back Orifice has led the world to have a new look , wider on the dangers of the backdoor . Was created in 1998 by a group called Cult of the Dead Cow ( Devotees of dead cows ) including the notorious hacker . Back Orifice help the hacker can control and remote control over the network with intrusion port is 31337 , Microsoft BackOffice Server operates on – the predecessor of Windows Small Business Server .
Back Orifice is then given to substantiate the concern about security problems in Windows 98. The operating system is more of a hacker exploit hidden features users to spread malware .Also since backdoor Back Orifice birth , was born the concept Trojan to the computer program only covert operations to sabotage , damaging the computer .
2) DSL Backdoor
In late 2013, some routers use hardware Sercomm as Linksys , Netgear , Cisco , and Diamond was found out to have a secret backdoor manufacturers are increasing at port 32764. The backdoor allows the attacker send commands to the router according to TCP port 32 764 from a command shell without any authentication of network administrators . Eloi Vanderbeken , a Reverse – Engneer ( who specializes decompile software ) the French have discovered this backdoor and found that although the vulnerability was patched in the latest Firmware version , however, was to install a backdoor Sercomm similar in another way .A patch was later released on January 4/2014 to fix this problem . However, this is just another manipulation to hide access to port 32 764 and have to wait to have a new special update packages found a way to cure backdoor TCP 32764. There have been no official a complete patch for this newly discovered backdoor .
3) Backdoor whole drive encrypted data
This is a representative of a kind of ” backdoor is not , but is a feature ” ( not a backdoor , but a feature ) . PGP Whole Disk Encryption now belongs to Symantec . This tool helps to create a password in the startup process for the drive is encrypted . Default passwords will no longer be valid even in first-time use . For the first time on this type of backdoor was found in 2007, while the whole drive encryption products of PGP disk storage has similar functions . However , without any material published this utility is a “feature ” so scary .
4) Backdoor hidden in the contraband of WordPress plugins
WordPress is one of the popular blog with the system functionality and robust content management . The security profile of this blog , there are many unexpected incidents of users . In the most frightening is that hackers have taken advantage of loopholes in the management of the utility to install the blog to add a backdoor into WordPress pages . However , this behavior not everyone found out , including experts on WordPress .
5) Backdoor in Joomla plugins
WordPress not only affected by the attacks through content management systems ( CMS – Content Management System ) that both Joomla – an Open Source CMS utilities are also victims . Content Management System Joomla is written in PHP and connect to the MySQL database is hackers take advantage of loopholes in the management and installation of utility to attack ( especially the plug-in free).The attacks by the backdoor open this sugar usually the first step to cybercrime attacks on the site and demolish it . This makes both the web as ” amateur ” and professional developers working with Joomla source code must be more careful and think twice before installing it much more a plug-in for your site
6) Backdoor ProFTPD
ProFTPD , a standard FTP server opens widely used has been the target of attacks with backdoors . Back in 2010, the attacker has access to the source code of the server hosting ( space on the server settings of Internet services such as ftp , www … to store web content or data ) . Then we add the code to allow for an attacker root access to the FTP server by sending the HELP command ACIDBITCHEZ . The ultimate goal is the hackers will use methods zero-day exploit in his ProFTPD to break into websites and distributing various types of malicious code .
7) The “back door ” Borland Interbase
From 1994 to 2001, the version of Borland (later Inprise ) InterBase versions from version 4.0 to 6.0 contains a code ” backdoors ” extremely toxic ( hard-coded backdoor ) . It is worth mentioning that this code is added by the engineers of Borland . This backdoor can be accessed over a network connection to port 3050 , once users log in with this tool , the hacker has full access to the databases of Interbase .
There is an interesting detail is the login information to open the backdoor is very unique with username Politically ( politics ) and the password is correct ( exact ) .
8) Backdoor available for Linux
In 2003 , an anonymous man had to insert a very insidious backdoor into the source code of the Linux kernel . This code was written with the appearance without any sign of a backdoor , which the intruder on the server can be added to the source code of the operating system’s.Two lines of actual code has been changed , if glance it is not easy to detect. In theory , this change may help attackers have administrator rights on the computer . Fortunately, this backdoor was promptly spotted by a utility control malicious code
9) Back door code tcpdump
This backdoor mechanism of action is clear and easy to detect than the ” back door ” attack later kernel . This malicious code is adding a mechanism for command and control (command and control ) to utility tcpdump can operate on port 1963. Similarly Linux backdoor attacks , this plot is quickly detected and eradicate shortly thereafter.
10) TAO ‘s hardware backdoor NSA
Revealed recently that , Tailored Access Operations group ( TAO – Perfect Mission Access ) of the NSA ( National Security Agency ) can now intervene in order electronics and hardware installation , tracking software before these devices are the arms buyers. The hardware was delivered to other countries will be added to the firmware backdoor into service of the eavesdropping . Besides the network equipment , the NSA also create monitoring software is installed in the firmware of multiple PCs , even those peripherals – components such as hard drives store . If users perform Specifically , according to a German newspaper , the NSA can install software or components to a variety espionage equipment from Huawei networking equipment to Cisco , hard drive manufacturers such names as Seagate, Western Digital … Some monitoring components allow the NSA to track ” permanent ” victims , because they are designed to continue operating even when users format hard drive or firmware updates .
11) Windows _NSAKEY backdoor
According to the NSA ‘s statement , in 1999 , researchers discovered a variable named _NSAKEY comes with a public key (public key) in the 1024 – bit version of Windows NT 4 Service Pack 5. Many comments secret that Microsoft has also granted to the NSA backdoor to access the encrypted data on Windows . However , Microsoft has denied the allegations and insisted there was no collusion with the NSA story to put backdoors . But there are many experts suspect it is not clear in this matter .
12) Elliptic Curve Dual backdoor
Relates to the NSA , according to Reuters revealed , the NSA has been paid to RSA 10 million to the company designed the system default security software widely used on the Internet and in the computer security program the provincial. This system Elliptic Curve Dual named – is the random number generator based on elliptic curve but it is discreet create some bugs or ” back door ” that allows the NSA decryption.Theoretically , the messages will be encrypted with the standard Dual_EC_DRBG ( Elliptic Curve Dual Random Bit Generator deterministic ) – a standard approved by the NIST . After Edward Snowden leaked internal memo NSA brought this to light After the “back door” Elliptic Curve Dual uncovered , RSA was quick to recommend that customers stop using this system . However , the story of the $ 10 million bribe to the RSA that NSA has a surprise for the computer security experts in the world . Because , RSA is the security company of US long reputation for protecting privacy and individual citizens against the efforts of NSA in the 90s in order to convince the US government allowed to use Clipper chip installed on the phone and the computer helps government agencies easily decoded signal where the law allows .