The Web    Google
9/9: BackDoor-CEB.C Remote Access Trojan

9/9: BackDoor-CEB.C Remote Access Trojan
September 9, 2004

BackDoor-CEB.c is a remote access trojan that is downloaded by W32/Mydoom.u@MM. It bears the following characteristics:

  • stealths its activity on the victim machine
  • serves as a HTTP proxy
  • serves as an SMTP relay
  • attempts to connect to numerous remote IRC servers (for remote reporting/command)
  • appends the local hosts file (in an attempt to disable updating of many AV products)

    The trojan attempts to connect to a remote IRC server to await command. It carries a list of IP addresses and relevant ports for certain servers. View them and other information at McAfee page.

  • Wi-Fi Planet Toronto: Security Taking Hold
  • VeriSign Strengthens Secured Seal
  • Report: CEOs Stagnant on Security
  • Worldwide Security Server Appliance Market Hits $379 Million
  • 10/12: Forbot-AZ Worm Has Backdoor
  • 5/20: Mytob-EU Worm Drops Copy
  • 6/14: Dansh.worm!irc an IRC Bot
  • RIM Refutes BlackBerry Buffer Overflow Claim
  • For Win Wonks, Software Restriction is Good Policy
  • 2/21: Derdero-B Worm Uses File Sharing
  • Securing the DoJ
  • Security Camera News