Hacker’s Strategy: This program is an alias for Firehotker Backdoorz. The software is supposed to implement itself as a remote control administration backdoor, but is known to be unstable in design. What port numbers do well-known trojan horses use? Today there are no program, either anti virus or anti trojan programmes, who can detect unknown trojan horses. Port 25 Ajan, Antigen, Email Password Sender - EPS, EPS II, Gip, Gris, Happy99, Hpteam mail, I love you, Kuang2, Magic Horse, MBT (Mail Bombing Trojan).
![Kuang2 Hackers Program Kuang2 Hackers Program](/uploads/1/2/5/4/125493469/796705362.jpg)
![Program Program](http://i98.photobucket.com/albums/l246/h2-h4cks/netbios9.jpg)
Daniel Thomas Symantec's latest internet security report, based on data gathered from its Deepsite sensor technology, has found that hackers are targeting back doors such as those created by the MyDoom virus. MyDoom wreaked havoc in February when it was used to launch denial of service attacks against Microsoft and SCO and create back doors into users' PCs. This allows hackers to revisit infected computers and cause further damage. Symantec said that during the first quarter of 2004 attackers and new 'blended threats' have been scanning networks to find the back doors contained in MyDoom.
The blended threats, such as Blaster, Welchiaa and Sobig.F - which combine the characteristics of viruses, worms, Trojan horses and malicious code with existing vulnerabilities to spread an attack - have already appeared in 54% of the top 10 submissions for the last six months of 2003, the research revealed. The top TCP port target for hackers is not surprisingly port 80, which handles web traffic. Attacks on this port were reported by 59.6% of Symantec's sensors.
But 59% of sensors reported that TCP/17,300 was targeted - a port Symantec said had previously seen little hacking activity. Symantec said TCP/17,300 'hosted an old, out-of-date back door Trojan named Kuang2', and hackers were targeting it to find systems running this back door. Threats to privacy and confidentiality showed the most rapid increase during the last six months of 2003, the report said, with a 148% growth in volume of malicious code submissions. Almost 33% of all attacking systems targeted the vulnerability exploited by the Blaster worm and its successors, Symantec said. Although many worms appeared in August, enough unpatched systems remained to sustain them. An average of 220 security vulnerabilities every month were identified between July and December 2003, of which an average of 99 were 'high severity' and 70% of which were easy to exploit, according to Symantec.
The findings of the report highlighted growing concern among IT users that implementing every software patch released is becoming an impossible task. Richard Archdeacon, technical services director at Symantec, said, 'As the time between disclosure and exploitation of vulnerabilities continues to shrink, 'zero-day threats' that target vulnerabilities before they are known are imminent. 'Patch management continues to be critical, but companies are struggling to manage it themselves.' The problem is likely to get worse before it gets better, Archdeacon warned. 'Attackers require no specialised knowledge to gain unauthorised access to a network when vulnerabilities are easy to exploit,' he said.