| Port No | 2000 |
| Service Name | Fearic |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This detection and analysis is based on the client side of a backdoor. When used with its server counterpart, which installs on target machines, this malware allows remote users to access compromised systems. |
| Reference Link | FEARIC |
| Attack | Solutions: This backdoor malware is written in Microsoft Visual Basic. It is used to remotely control machines compromised and infected with its server counterpart. Users of this malware may remotely issue several commands to be executed in the compromised machine, including: Restart/Shutdown target system Log keysstrokes Display message boxe Toggle keyboard keys Set clipboard text content Open/Eject CD-ROM drive Show/Hide Taskbar button Control mouse Steal IP addresses Auto-update the client This backdoor has a feature which allows it to check for updates and auto-update itself. It steals IP addresses by sending a customized link to target systems. All IP addresses of users who visit this link is logged by this client program. This backdoor program provides the following link in its About menu: http://ice The page contains information and notes about the backdoor malware. The client and server components of the the backdoor malware are also uploaded here. Users however, cannot download these because the server does not grant sufficient access rights to the files. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.