x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Webber.P

Threat LevelHigh threatDamageSevereDistributionNot widespread
Common name:Webber.P
Technical name:Bck/Webber.P
Threat level:Medium
Alias:Berbew.F, Backdoor.Padodor.gen, Backdoor.Berbew
Type:Backdoor
Effects:  

It allows remote access to the computer, makes requests to different web sites located in Russia, without the user noticing and logs confidential information on the affected computer in a file.

Affected platforms:

Windows XP/2000/NT

First detected on:June 25, 2004
Detection updated on:Feb. 25, 2005
StatisticsNo
Proactive protection:
Yes, using TruPrevent Technologies

Brief Description 

    

Webber.P is a backdoor that allows to gain remote control over the affected computer through the TCP port 23232, in order to carry out actions that would compromise users confidentiality, or even impede normal work.

In addition, Webber.P opens two TCP ports, in order to make the affected computer act as a proxy server.

This backdoor sends confidential information to different web sites, as well as data stored in the cache of the browser Internet Explorer.

Webber.P logs confidential information, such as the user name and the name of the affected computer, in a file.

Webber.P is distributed by means of a modification in the configuration of web servers using IIS 5.0 (Internet Information Services). As a result, these servers now include malicious JavaScript code, detected by Panda Security as Exploit/DialogArg.

That exploit, thanks to a vulnerability in Internet Explorer, allows Webber.P to be downloaded and run in the computer, without users consent.

Visible Symptoms 

    

Webber.P is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.