BackdoorsA type of hacking tool..

What is Backdoor?A backdoor in a system is a method of bypassing

normal authentication and gain access.The backdoor access method is sometimes

written by the programmer who develops the program. 

It is found in multi network scenario. A network administrator may intentionally create or install a backdoor program for troubleshooting or other official use.

Hackers use backdoors to install malicious software files or programs, modify code or detect files and gain system access.

Vulnerabilities There are 3 main vulnerabilities

that introduce backdoor in application:

1. Buffer Overflow Attack

2. Cross-site Scripting

3. Remote Administration or Troubleshooting

Hard-wired Backdoor

• 'Back doors' are commonly built into computer systems by programmers to allow quick and easy access – but on a chip of this sort, represent a dangerous vulnerability.

• An attacker can disable all the security on the chip, reprogram cryptographic and access keys or permanently damage the device.

Rakshasa BackdoorRakshasa Backdoor is termed as “Permanent

Backdoor” i.e. hard to detect.Rakshasa is able to compromise more than a

hundred different motherboards. Rakshasa malware infects the host BIOS,

taking advantage of a potentially vulnerable aspect of traditional computer architecture.

Any peripheral, such as a network card or a sound card can write to the computer’s RAM or to smaller portions of memory allocated to any of the other peripherals.

Hence the impact could be devastating.

Cont.. Rakshasa has been developed with open source BIOS

software and because of their compatibility with most hardware, it’s hard to detect.

When the machine boots up, malware downloads all the malicious code it needs.

It disables the resident antivirus and stores the code in memory. In doing so, it avoids leaving traces on the hard disk that could be detected as infectious.

The most important issue about Rakshasa malware isn’t related to how it can infect victims randomly. But the possibility of using it as a backdoor in hardware.

In many cases doubt has been raised about if backdoors are present in Chinese devices, telecommunications in particular.

Motivations of Backdoor Attacks

The main motivations of backdoor attacks are:

Hardware cloningBreaking services, obtaining them with piracyImitating user authentication for system

accessInformation leakageUnlocking devices, to gain access to an

internal shell or to increase control of a system

Unlocking hidden features

Preventive Measures

Obtain & Install Security Updates• It helps you to improve your computer's security

settings.• Operating System should provide security

updates frequently(e.g. Windows Defender in Windows, XProtect in Mac, Snort in Linux)

Update your anti-spyware software definitions• Configure your anti-spyware software to check for

updates at least on a daily basis.• Also, make sure your anti-spyware software is

loaded when your computer starts and that it is automatically updating it's spyware definitions.

Scan for Backdoors• Download “SpyHunter's Scanner ” to check for

Backdoors.

http://www.wiki-security.com/wiki/Parasite_Category/Backdoors

http://www.dailymail.co.uk/sciencetech/article-2152284/Could-vulnerable-chip-allow-hackers-Boeing-787-Back-door-allow-cyber-criminals-way-in.html

http://resources.infosecinstitute.com/hardware-attacks-backdoors-and-electronic-component-qualification/

Bibliography

Thank You..!!

Prepared By:Chaitali Patel