Welcome to the Virus Encyclopedia of Panda Security.
It allows to get into the affected computer.
It does not spread automatically using its own means.
|Detection updated on:||March 16, 2006|
|Yes, using TruPrevent Technologies
| Trojan/HakTek is a Trojan written in Visual C++ with a size of 665.088 bytes. This Trojan allows users to access remote systems through a TCP/IP network. This Trojan is capable of carrying out the following actions: mail-bomber / anti mail-bombing, port scanning, and so on.|
Once the Trojan goes into action, it displays the window shown below.
This is a presentation window that lists the characteristics of the program.
Once the connection has been established, the Trojan will allow users to perform the following actions on the victim computer:
It sends out ping's.
It scans the ports open on the system. This way, it will be possible to locate the services enabled on the system. (FTP servers, IRC, websites, servers belonging to other Trojans such as Netbus or BackOrifice ,..etc) .
It supports e-mail-bombing actions. This attack is meant to flood a target victim's mailbox.
It also supports anti mail bombing actions that allow users to protect themselves from these kinds of attacks. To enable this method, users must indicate the name of the e-mail server, as well as the user name and the password of the POP3 account. This way, messages coming from the attacking user will be removed from the server. The Anti-Mailbomb module looks as follows:
This program is detected as a Trojan due to the fact that it stores confidential user information in the Windows Registry under the following key: \HKCU\Software\HakTek. The accessibility to this information endangers e-mail security, as users will not be able to hide confidential information.