| Port No | 1602 |
| Service Name | BackDoorDirectConnection |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | The backdoor malware has a server component, a client component and a server configuration component. It uses the server program to infect the target computer, uses the client program to access and control the target system, and uses the configuration component to configure the server program.
By default the client program connects to the server program at a port 1600, but this port may be configured with the server configuration program. This backdoor malware compromises network security because it allows hackers to control the target computer |
| Reference Link | BackDoorDirectConnection |
| Attack | Solutions: Close the server configuration program by pressing the X button on its main Window. Scan your system with Trend Micro antivirus and delete all files detected as BKDR_DCONNECT.A. To do this Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro's free online virus scanner. Details: The hacker witht he client program may execute any or all but not limited to the following on the system with the server program: Delete/Execute/Create/Copy files Open/Close the CD-ROM tray. Chat with the infected computer Send an email using the infected user as the sender Stop the server program This backdoor malware has been written by Snapman. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.