Yet another Christmas-related infection

Dec 27, 2007 10:32 GMT

OK, I get it: Christmas is one of those times of the year when all sorts of infections surface and become extremely dangerous for every unpatched system. There have been so many security reports that it makes me think no one is safe these days. But let's look at one more threat, which seems to rank among the most important ones. BKDR_HUPIGON.MER is a backdoor that attempts to open a port and wait for commands sent by the attacker, who can then control all sorts of processes. The infection may be found when a user searches the web for "ways to lower blood pressure", Jercyl Lerin of Trend Micro wrote in a blog post.

Searching for such a phrase leads users to malicious software that can really harm visitors' computers. "Trend Micro researchers discovered a malicious software that can download and execute a sinister downloader-backdoor, which is detected as BKDR_HUPIGON.MER", the Trend Micro official continued. "The said backdoor is a member of the HUPIGON family or the Grey Pigeon of backdoor Trojans. It opens [a] Web site to hide the execution of its routines."

BKDR_HUPIGON.MER is a Windows backdoor targeting most versions of the Microsoft operating system, including 98, ME, NT, 2000, XP and Server 2003. What's worse, it has a high damage potential, paired with a low distribution potential. Now, let's see what it is able to do.

First of all, it opens a website to hide its activity and avoid being detected by the user. Then, it attempts to open TCP port 80 to let the attacker execute commands on the affected system. "The said routine provides the remote user virtual control over the affected system, thus compromising system security", Trend Micro noted in the description of the threat.
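
On a workstation that is not supposed to serve web pages, a process listening on TCP port 80 is worth a look. The following check is an added example, not taken from Trend Micro or from the original article: it reads the article's "opens a port and waits for commands" as a listening socket and flags any port 80 listener whose owning process is not an expected web server. The `netstat -ano` and `tasklist /fo csv /nh` samples, the process name `updater32.exe` and the allowlist are all constructed assumptions.

```python
import csv
import io
import re

# Constructed sample of `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       1844
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    192.168.1.20:1042      203.0.113.7:80         ESTABLISHED     2260
  TCP    [::]:80                [::]:0                 LISTENING       1844
  UDP    0.0.0.0:500            *:*                                    700
"""

# Constructed sample of `tasklist /fo csv /nh` output (image name, PID, ...).
SAMPLE_TASKLIST = """\
"svchost.exe","912","Services","0","4,120 K"
"updater32.exe","1844","Console","0","6,532 K"
"iexplore.exe","2260","Console","0","18,904 K"
"""

# Assumption: the only images allowed to listen for HTTP on this host.
EXPECTED_WEB_SERVERS = {"inetinfo.exe", "w3wp.exe", "httpd.exe", "system"}

# Matches only TCP rows in LISTENING state: local address, port, owning PID.
LISTEN_RE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")


def parse_tasklist(csv_text):
    """Map PID (string) to image name from tasklist CSV output."""
    rows = csv.reader(io.StringIO(csv_text))
    return {row[1]: row[0] for row in rows if len(row) >= 2}


def unexpected_listeners(netstat_text, tasklist_text, port=80,
                         allowed=EXPECTED_WEB_SERVERS):
    """Return one finding per process listening on `port` that is not allowed."""
    names = parse_tasklist(tasklist_text)
    findings = {}
    for line in netstat_text.splitlines():
        m = LISTEN_RE.match(line)
        if not m or int(m.group(2)) != port:
            continue  # outbound connections to port 80 are not listeners
        addr, _, pid = m.groups()
        image = names.get(pid, "<unknown>")
        if image.lower() not in allowed:
            findings.setdefault((pid, image), []).append(addr)
    return [{"pid": p, "image": i, "addresses": a}
            for (p, i), a in findings.items()]
```

The browser's own outbound connection to a remote port 80 (the `iexplore.exe` row) is ignored on purpose, so a decoy website opening in the foreground does not mask the listener behind it.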