Insurrection (trojan horse)

From Wikipedia, the free encyclopedia

Insurrection is a remote administration tool or remote administration trojan (RAT) as well as a backdoor program that allows an intruder to secretly and remotely access a person's computer using a client program installed on the intruder's PC and a server program secretly installed on the victim's PC. Using the trojan, the intruder is able to control aspects of the victim's PC, including disabling antivirus and firewall software, browse the victim's files, upload and download files, and log keystrokes among other unwanted activities.

Contents 1 Author 2 Aliases 3 Infection 4 Payload 5 External links

[edit] Author

RaGe

[edit] Aliases

Backdoor.Win32.Delf.gw (Kaspersky Lab), Backdoor.Delf.gw (Kaspersky Lab), BackDoor-FS (McAfee), Backdoor.Trojan (Symantec), BackDoor.Insurrect.10 (Doctor Web), Backdoor:Win32/Delf.GW (RAV), BKDR_DELF.HU (Trend Micro), BDC/Delf.GW.Cli (H+BEDV), Win32:Trojan-gen. (ALWIL), BackDoor.Delf.ER (Grisoft), Backdoor.Delf.GW (SOFTWIN), Bck/Insurect.B (Panda), Win32/Delf.GW (Eset).

[edit] Infection

Insurrection is distributed in the same way as many trojans, through e-mail messages convincing the user to run an attached infected file or through malicious Web sites disguising the trojan as a useful tool.

[edit] Payload

• Remote access tool
• Backdoor
• Antivirus killer
• Firewall killer
• Keylogger
• Client notifier

[edit] External links

• [1] - Computer Associates Pest Patrol Spyware Center Entry