RealTime IT News

Panda Software Offering Remedy For Back Orifice Threat

Panda Software today will announce the onsite availability of a workaround to BackOrifice, the new rogue application that hackers are using to gain control of another computer user's desktop.

The Cult of the Dead Cow last week announced the Windows 95/98 backdoor program, Back Orifice, at its annual Las Vegas hacker gathering, Defcon. The application was presented by a programmer named "Sir Dystic," who stated that the program was conceived as "a backdoor that allows unauthorized users to execute privileged operations on the affected machine."

The Back Orifice program hides inside a "target host" which is used to allow user access to the file system, network information, registry, processes, network traffic and keyboard keystrokes at a later time, all without using the normal methods of authorization and vulnerability exploitation.

Technicians at Panda Software immediately began developing a routine to detect and delete the program from the system after the annoucement was made. Although Back Orifice is not actually a virus, Panda Software added a detection string for this back-door to the latest update of Panda Antivirus. Since Back Ofifice is similar to a "Trojan Horse," there is no disinfecting routine; unlike a true virus, it does not infect other files.

The complete repair files and a set of instructions will be available later this afternoon at no cost from the Panda Software Web site. The company is currently developing a complete Back Orifice "detector and remover."

For additional information about the rogue application or Panda's fix, visit the Pando Software Web site.