Haxdoor.OX is a hacking tool. These are programs designed to enable malicious users to cause or facilitate action detrimental to the target computer.
However, under certain circumstances (for example with network administrators), they could be used to check the security status, possible attack channels (in order to minimize risks), etc.
These tools, even though they are not by nature viruses, are considered as dangerous to victims of attacks.
It captures certain information entered or saved by the user, with the corresponding threat to privacy:
It sends the gathered information to a remote user by any available means: email, FTP, etc.
It affects productivity, preventing tasks from being carried out:
- In the affected computer:
it converts the computer into a platform for taking malicious action surreptitiously: spam sending, launch of Denial of Service attacks, malware distribution, etc.
- In the local network:
it generates a large amount of network activity and consumes bandwidth.
It reduces the security level of the computer:
it notifies the attacker that the computer has been compromised and is ready to be used maliciously.
It uses stealth techniques to avoid being detected by the user:
- It uses techniques included in its code to hide itself while it is active.
Haxdoor.OX uses the following propagation or distribution methods:
- Exploiting vulnerabilities with the intervention of the user: exploiting vulnerabilities in file formats or applications. To exploit them successfully it needs the intervention of the user: opening files, viewing malicious web pages, reading emails, etc.
- Via Internet, exploiting remote vulnerabilities: attacking random IP addresses, in which it tries to insert a copy of itself by exploiting one or more vulnerabilities.