Destructive Windows XP Backdoor Monitors Your Computer Activity

Christmas has come and gone so the use of infected ecards and season greetings is not so popular anymore. But today's hackers / attackers / spammers / whatever you want to name them seem to be working 24 hours a day, as new techniques, exploits and computer infections are released in the wild every day. Today, we're going to talk about BKDR_VB.XD, a backdoor which Trend Micro says it affects most Windows versions including 98, ME, NT, 2000, XP and Server 2003. 'No problem', you may say, 'I'm protected!' you may say. But do you think your antivirus will be able to handle that high damage potential? In case you're not sure, let me give you a few more details about the backdoor.

First of all, your computer may get compromised once you visit an official page, according to the notification published by Trend Micro. In addition, the backdoor might be dropped by another malware which has already been installed on your system. "Upon execution, this backdoor drops several files. It then creates a registry entry to enable its automatic execution at every system startup. It also employs registry shell spawning so that it executes when files of certain types are run", the security vendor explained.

But what seems to be the most dangerous aspect of the backdoor is surely its ability to log the user keystrokes and send them to the attacker. Imagine that checking your email, verifying your bank account or any other password entered on your computer is then available to the attacker. In addition, BKDR_VB.XD listens for commands sent by the attacker, which means an infected computer may get fully controlled by a remote user.

And that's not all. Trend Micro informs users that BKDR_VB.XD is able to launch DDos attacks using your computer information. "This backdoor can also launch a DDos (distributed denial of service) attack using the SYN flooding method", the security company mentioned.

That being said, don't forget to update your antivirus, apply the latest Windows patches and avoid visiting malicious websites that may attempt to drop the backdoor on your computer.