An underground hacker organisation in the US last week released Back Orifice, a program allowing the user to invisibly control and access Windows machines over a network.
The organisation, called the Cult of the Dead Cow (www.cultdeadcow.com), described the software as a "utility which allows the user to control and monitor computers running the Windows operating system over a network".
The hacker who wrote the program, who goes by the name of Sir Dystic, said: "The two main legitimate purposes for (Back Orifice) are remote tech support aid and employee monitoring and (administration)."
However, the software's feature list reveals a more sinister purpose.
Back Orifice allows a user to control the Windows file system, registry, system files, passwords, network configuration and processes. It includes multimedia controls that allow images to be captured from the target machine's screen, or from any attached video device; an HTTP server that allows files to be transferred to and from the target machine on any port; an integrated packet sniffer for monitoring network traffic; and a keyboard monitor that captures all keyboard input.
It also allows connections or applications to be redirected, which means that the target machine can be used to host attacks on other systems.
A simple telnet session could be used to input text into an application on the host machine, for example an email client, making it seem as if the user of the target machine had input the text.
Microsoft issued a response almost immediately, claiming: "Back Orifice does not expose or exploit any security issue with the Windows platform or the BackOffice suite of products." The company pointed out that remote control software is already commercially available, and that for Back Orifice to have a harmful effect on a user's computer, the user would have to install, or be tricked into installing, the Back Orifice server program.
In addition, the attacker would have to know the user's IP address, and be sure that the user was not behind a firewall.
David Bridger, NT product manager at Microsoft, said that "business customers should be aware of security policies", such as the need for reliable firewalls.
"We take security very seriously," he said. "To me, the biggest thing is the fact that this ridicules security awareness, and doesn't add value."