Event ID - 8089

Port No: 8089
Service Name: ASNIFF
RFC Doc: 0
Protocol: TCP
Description: This is version 0.30 of the remote sniffer malware called “ASniffer.” A hacker uses this malware to monitor and steal data such as credit cards and network accounts. The sniffer server program may be configured with the EditServer program. This backdoor compromises network security.
Reference Link: ASNIFF
Attack:

Solutions:

Terminating the Malware Program
Once the malicious program has been identified, you need to terminate it from memory. In this procedure, you will need the names of the file or files detected earlier as BKDR_ASNIFF.030.

1. Open Windows Task Manager.
   - On Windows NT/2000/XP systems, press CTRL+SHIFT+ESC.
   - On Windows 9x/ME systems, certain processes are not visible in the Task Manager. Use a third-party process viewer to view and terminate the malware process.
2. In the list of running programs, locate the malware file detected earlier.
3. Select the detected file, and then press either the End Task or the End Process button, depending on your version of Windows. Note that for Windows NT/2000/XP, the list of running processes is located under the Processes tab.
4. To verify that the malware process has been terminated, press F5 to refresh the list of processes, then review the process list.
5. Close the Task Manager.
