Panda Software today will
announce the onsite availability of a workaround to BackOrifice, the new
rogue application that hackers are using to gain control of another
computer user’s desktop.
The Cult of the Dead Cow last week
announced the Windows 95/98 backdoor program, Back Orifice, at its annual
Las Vegas hacker gathering, Defcon. The application was presented by a
programmer named “Sir Dystic,” who stated that the program was conceived as
“a backdoor that allows unauthorized users to execute privileged operations
on the affected machine.”
The Back Orifice program hides inside a “target host” which is used to
allow user access to the file system, network information, registry,
processes, network traffic and keyboard keystrokes at a later time, all
without using the normal methods of authorization and vulnerability
exploitation.
Technicians at Panda Software immediately began developing a routine to
detect and delete the program from the system after the annoucement was
made. Although Back Orifice is not actually a virus, Panda Software added a
detection string for this back-door to the latest update of Panda
Antivirus. Since Back Ofifice is similar to a “Trojan Horse,” there is no
disinfecting routine; unlike a true virus, it does not infect other files.
The complete repair files and a set of instructions will be available later
this afternoon at no cost from the Panda Software Web site. The company is
currently developing a complete Back Orifice “detector and remover.”
For additional information about the rogue application or Panda’s fix,
visit the Pando Software Web site.