New Haxdoor variant spreading – do we have protection?

A new variant of the spying Trojan Haxdoor has been reported since Tuesday 10th Oct. Vendors detect it under the following names, among others:

Backdoor.Haxdoor.R (Symantec)

Haxdoor-DG (Sophos)

BackDoor-BAC!55436 (McAfee)

I’m not saying this list gives full coverage; F-Secure, Kaspersky, NOD32 etc. detect previous versions at least. UPDATE 16th Oct: CA sees this as Win32/Haxdoor.BQ.
As we know very well, it uses rootkit techniques to hide the existence of the Trojan, files and processes.

A very interesting question is: how can vendors without working rootkit detection detect these variants, which use improved rootkit techniques? has some statistics about malware that uses rootkit technology.


Published by


Security consultant from Finland