Backdoor Sneaks into Computers through Japanese Text Editor


Released on: 23, August 2006, Author: Manish, Audience: Computers related

Security experts at MicroWorld Technologies report that infected JTD files are being used to exploit a recently found vulnerability in Ichitaro in order to spread a covert backdoor named 'Win32.Papi.a', thus orchestrating targeted computer attacks in the land of the rising sun. Justsystems, the maker of Ichitaro, has issued a patch for the flaw, downloadable at http://www.justsystem.co.jp/info/pd6002.html

The backdoor penetration is carried out using a malicious JTD file that carries a Trojan Dropper named 'Ichitaro.Tarodrop.a'. The Trojan Dropper exploits a Unicode Stack Overflow Vulnerability in the text editing software to execute its code on the system and to extract a backdoor named 'Win32.Papi.a'.

Once activated, Win32.Papi.a installs itself in the system registry, initiates a Service named CAPAPI, and drops its main DLL file, which is then injected into the running processes of the compromised computer. It establishes a connection with the remote Server on port 8080 and listens for commands from the remote attacker.
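A triage sketch for the two host indicators named above (the CAPAPI service and the outbound connection on port 8080), added here as an example and not taken from MicroWorld or the original release. The key=value log layout, host names and addresses are constructed assumptions standing in for your own service and network telemetry.

```python
import re
from collections import defaultdict

# Constructed sample telemetry (not from the press release).
SAMPLE_LOG = """\
2006-08-23T09:12:01 host=ws-014 event=service_install name=CAPAPI
2006-08-23T09:12:07 host=ws-014 event=net_connect proto=tcp dst=203.0.113.10 dport=8080
2006-08-23T09:15:44 host=ws-022 event=net_connect proto=tcp dst=192.0.2.8 dport=8080
2006-08-23T09:20:10 host=ws-031 event=service_install name=Spooler
2006-08-23T09:21:30 host=ws-040 event=service_install name=capapi
"""

FIELD = re.compile(r"(\w+)=(\S+)")
SERVICE_NAME = "capapi"  # service name given in the press release
REMOTE_PORT = "8080"     # remote port given in the press release


def parse(line):
    """Return the key=value fields of one log line as a dict."""
    return dict(FIELD.findall(line))


def triage(log_text):
    """Return {host: (severity, [indicator kinds])} for matching hosts."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        f = parse(line)
        host = f.get("host", "unknown")
        event = f.get("event")
        # Service names are case-insensitive on Windows, so compare lowered.
        if event == "service_install" and f.get("name", "").lower() == SERVICE_NAME:
            hits[host].add("service")
        elif event == "net_connect" and f.get("dport") == REMOTE_PORT:
            hits[host].add("port")
    result = {}
    for host, kinds in hits.items():
        # Port 8080 alone is common proxy traffic, so it rates only "low";
        # the service name is the stronger signal, and both together is "high".
        if kinds == {"service", "port"}:
            severity = "high"
        elif "service" in kinds:
            severity = "medium"
        else:
            severity = "low"
        result[host] = (severity, sorted(kinds))
    return result


if __name__ == "__main__":
    for host, (severity, kinds) in sorted(triage(SAMPLE_LOG).items()):
        print(host, severity, ",".join(kinds))
```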

The backdoor can harvest system information, stop and start processes, take screenshots of the desktop and send them to the attacker, download files from the net and execute them, capture network user information, log off current user, search disks for files, create and move directories and restart the victim's machine. Using Win32.Papi the attacker takes over the targeted machine completely to conduct a range of online criminal activities.

"It's not the first time text editors are used in smuggling malware into user computers. In May, we had reported about 'Win32.Gusi' that was spread via a specially created Word file that exploited a security flaw in Microsoft Word, which incidentally was reported the first time in Japan with the attacker possibly sitting in China," says Sunil Kripalani, Vice President, Global Sales and Marketing, MicroWorld Technologies.

MicroWorld has developed the World's most advanced Security Solutions, eScan and MailScan, that consistently maintain the fastest malware detection and prevention rate. Combining the superior AntiVirus System with its unique MWL technology, MicroWorld protects users from a range of zero-day threats of this nature.

The CEO of MicroWorld Technologies, Govind Rammurthy, gives a broader view on the issue: "Trojans and Backdoors that exploit vulnerabilities in system and application software can spread quite fast and deliver their payload without much of user intervention. They are like camouflaged infiltrators who sneak into your homeland and expand their deadly mission under the cover of darkness. And this particular case goes well to underline what we have been advocating all along, that users need to update timely security patches not just for their Operating Systems, but for application software programs as well."

MicroWorld (www.mwti.net) is the developer of the world's first Real-Time Anti-Virus and Content Security software eScan for desktops and servers. Its communication security software, MailScan is the first comprehensive e-mail scanner for your SMTP/POP3 Mail Server. MicroWorld Winsock Layer (MWL) is the revolutionary technology underlying these products, powering them to several certifications and awards by some of the most prestigious testing bodies, notable among them being Virus Bulletin, Checkmark, TUCOWS, Red Hat Ready, and Novell Ready. Combining their powerful scanner with MWL technology, MicroWorld solutions provide a Real-Time Proactive security for your systems. For network security of enterprises, eConceal Firewall is the latest powerful offering from MicroWorld.

For more information write to manish@mwti.net


Source: Express-Press-Release.com