Backdoor.DSNX

Backdoor.DSNX is a Backdoor Trojan Horse that can give its creator access to your computer. Like many other Backdoor Trojans, Backdoor.DSNX is controlled by its creator using IRC channels.



Possible system changes
If the Trojan was run and a hacker executed files on the computer, it may be difficult to determine exactly what was done, even after the Trojan was removed. If you are familiar with your operating system and with using system repair or system checking tools, we suggest that you fully check the system for any of these modifications and reverse them. Otherwise, consider re-installing the Windows.

How the Trojan uses IRC
The Trojan can contain an IRC client of its own that is activated when the Trojan is run. It logs onto a hard-coded IRC channel that the hacker monitors. This means that the hacker can chat with the Backdoor Trojan that is running on the infected computer. The Backdoor Trojan not only provides information about the infected computer, it also listens for commands from the hacker.

For example: If a hacker chats the words "get password," then the Backdoor Trojan recognizes that as a command and reacts by searching the computer for stored passwords. The Trojan will report to the hacker by chatting the results.

For an example of such commands, read the Backdoor.Kaitex writeup.

Protection

• Initial Rapid Release version January 30, 2002
• Latest Rapid Release version May 16, 2008 revision 020
• Initial Daily Certified version January 30, 2002
• Latest Daily Certified version May 16, 2008 revision 019
• Initial Weekly Certified release date January 30, 2002

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

• Wild Level: Low
• Number of Infections: 50 - 999
• Number of Sites: 3 - 9
• Geographical Distribution: Medium
• Threat Containment: Easy
• Removal: Easy

Damage

• Damage Level: High

Distribution

• Distribution Level: Low