Welcome to the Virus Encyclopedia of Panda Security.
|Effects: ||It acts as a proxy server, allowing to redirect TCP traffic through the computer. It opens the port 5004 and listens to it. In addition, it allows to download and run files on the affected computer.|
|Detection updated on:||March 10, 2004|
|Country of origin:||UNITED STATES OF AMERICA|
Cidra.B is a backdoor that acts as a SOCKS4 proxy server, allowing to redirect TCP traffic through the affected computer. This can be used to hide the real source of TCP traffic.
Cidra.B opens the TCP port 5004 and listens to it. In addition, it allows to download a file to the affected computer from a web page, and then run it.
Cidra.B has been mass-mailed in a message with an attached file called P_USB.ZIP and one of the following subjects:
- A subject that contains the text This your photo? and several characters interpolated.
- Urg3nt Responc3 Requir3d
Cidra.B is difficult to recognize, as it does not show any messages or warnings that indicate it has reached the computer.