| Common names: |
Poison.AK |
| Technical names: |
|
| Alias: |
Backdoor.Win32.Poison.bfjd, |
| |
|
| Type: |
BACKDOOR |
| Size: |
146621 Bytes |
| |
|
DETECTIONS
|
| Number of sightings: |
|
| Date first seen: |
February 16, 2010 at 12:38 PM |
| Country first seen in: |
|
| Country last seen in: |
|
| |
|
|
Panda Cloud Antivirus Pro Edition
- Behavioral analysis of running processes.
- Automatic USB vaccination to protect from autorun malware.
- Automatic upgrades to new product features (firewall, etc.) as soon as they are released.
- VIP support 24x7 multilingual tech support.
|
|
Brief Description Poison.AK is a backdoor that allows hackers to gain remote access to the affected computer in order to carry out actions that compromise user confidentiality and impede the tasks performed on the computer. It uses several methods in order to avoid detection by antivirus companies: - It terminates its own execution if it detects that it is being executed in a virtual machine environment, such as VMWare or VirtualPC.
Poison.AK uses the following propagation or distribution methods: - Exploiting vulnerabilities with the intervention of the user: exploiting vulnerabilities in file formats or applications. To exploit them successfully it needs the intervention of the user: opening files, viewing malicious web pages, reading emails, etc.
- Via Internet, exploiting remote vulnerabilities: attacking random IP addresses, in which it tries to insert a copy of itself by exploiting one or more vulnerabilities.
|
Poison.AK allows hackers to gain remote access to the affected computer in order to carry out actions that compromise user confidentiality and impede the tasks performed on the computer.
It uses the following techniques to impede detection by antivirus companies:
- It terminates its own execution if it detects that it is being executed in a virtual machine environment, such as VMWare or VirtualPC.
More information about virus Poison.AK in the Encyclopedia
Back