Backdoor.OptixPro.12.b Trojan Horse

[sleepdeprived]

Last week it was discovered that a Trojan Horse (Backdoor.OptixPro.12.b) had been loaded on a webserver and apparently disabled Norton Antivirus. The trojan horse has been removed and we have taken steps to change all the passwords on that server. I was told that no one was sure how it got there. I've looked and read the info that Symantec has but nothing I have found tells me how this Trojan Horse is spread. No one around here seems to know (or have any idea) how it got there.

Does anyone know of a resource that would tell me how it this Trojan typically infected computers? Any other thoughts would be wonderful.

 

[onpnt]

<src

http://www.esecurityplanet.com/alerts/article.php/2170071

>

Backdoor.OptixPro.12.b May Steal Cached Passwords

Backdoor.OptixPro.12.b is a Backdoor Trojan Horse that gives a hacker full access to a computer. By default the Trojan opens port 2060 for listening. The Trojan may steal cached passwords and compromise security settings.

</src>

_____________________________________________________________________
_{You can accomplish anything in life, provided that you do not mind who gets credit.
Harry S. Truman}

http://www.onpntwebdesigns.com

 

[onpnt]

<src

http://www.trendmicro.com/en/security/general/glossary/overview.htm#Backdoor

>

Backdoor
A Backdoor is a program that opens secret access to systems, and is often used to bypass system security. A Backdoor program does not infect other host files, but nearly all Backdoor programs make registry modifications. For detailed removal instructions please view the virus description. See virus types for an explanation of Trend Micro virus-naming conventions.

</src>

_____________________________________________________________________
_{You can accomplish anything in life, provided that you do not mind who gets credit.
Harry S. Truman}

http://www.onpntwebdesigns.com

 

[crow053]

This may be of interest...

http://www.evileyesoftware.com/ees/index.shtml