ACBackdoor

ACBackdoor Description

Malware developers rarely target multiple operating systems with their malware. One of the main reasons is that Linux systems are not as widespread, so targeting them with malware is not always profitable. However, the authors of the new ACBackdoor appear to be experts at developing Linux-compatible malware: cybersecurity researchers note that the Linux version of ACBackdoor is very well written and packs remarkable features such as fileless code execution and the ability to manipulate the properties of running processes. Besides running on Linux, ACBackdoor is also compatible with the Windows operating system, although the Windows version appears to be poorly implemented compared to its Linux counterpart. This leads malware researchers to suspect that the threat actor behind ACBackdoor specializes in Linux malware and may be trying to diversify their portfolio by porting some of their malware to Windows.

The Fallout EK Spreads the ACBackdoor

The ACBackdoor was first spotted when the Fallout Exploit Kit (Fallout EK) was seen distributing an unknown piece of malware. The use of the Fallout Exploit Kit is evidence that the criminals behind the ACBackdoor project are not new to the scene and that they have the necessary funding to afford a high-profile exploit kit.

After the ACBackdoor is executed, it will collect basic system information and then transfer it to the attacker's control server via HTTPS. The malware attempts to gain persistence on Windows computers by creating a new Windows Registry key, and masquerading as a 'Microsoft Anti-Spyware Utility.' In the meantime, the Linux version tries to stay stealthy by calling itself an 'Ubuntu Release Update Utility.'

The ACBackdoor is very simple in terms of functionality, but it does support all primary features found in most backdoor Trojans:

  • It can collect and transmit details about the compromised system via the 'info' command.
  • It can run remote shell commands via the 'run' command.
  • It can transfer and run files from the control server via the 'execute' command.
  • It can update itself via the 'update' command.

It is still not clear if the ACBackdoor malware targets a specific group of users, or if its authors are opting for quantity over quality. As usual, the best way to protect your Windows system from this threat is to invest in the services of a trustworthy and up-to-date anti-malware tool.
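For defenders on Linux, the fileless execution, process-property manipulation and masquerade names described above map to checks that can be run over /proc. The following is an added example, not code from the researchers or from the malware; the heuristics are general Linux checks (the page does not say how ACBackdoor implements these features), and the sample records and label names are constructed.

```python
import os

# Display names the write-up says the backdoor uses to blend in.
MASQUERADE_NAMES = ("ubuntu release update utility", "microsoft anti-spyware utility")

def triage(proc):
    """proc: {"pid", "comm", "argv", "exe"}; "exe" is the /proc/<pid>/exe target or None."""
    findings = []
    exe, argv = proc["exe"], proc["argv"]
    title = " ".join([proc["comm"]] + argv).lower()
    if any(name in title for name in MASQUERADE_NAMES):
        findings.append("masquerade-name")
    if exe is not None:
        if exe.startswith("/memfd:"):
            findings.append("fileless-memfd")   # image exists only in memory
        elif exe.endswith(" (deleted)"):
            findings.append("image-deleted")    # binary unlinked after launch
        # Real kernel threads have no exe link, so a "[name]" title on a
        # process that does have one means argv[0] was overwritten.
        if argv and argv[0].startswith("[") and argv[0].endswith("]"):
            findings.append("fake-kernel-thread")
    return findings

def read_proc(pid):
    """Build a record for a live PID from /proc (Linux only)."""
    base = f"/proc/{pid}"
    with open(f"{base}/comm") as f:
        comm = f.read().strip()
    with open(f"{base}/cmdline", "rb") as f:
        argv = [a.decode(errors="replace") for a in f.read().split(b"\0") if a]
    try:
        exe = os.readlink(f"{base}/exe")
    except OSError:          # kernel thread, or no permission to read the link
        exe = None
    return {"pid": pid, "comm": comm, "argv": argv, "exe": exe}

# Constructed sample records (not taken from a real infection).
SAMPLES = [
    {"pid": 812, "comm": "sshd", "argv": ["/usr/sbin/sshd", "-D"], "exe": "/usr/sbin/sshd"},
    {"pid": 2, "comm": "kthreadd", "argv": [], "exe": None},
    {"pid": 4107, "comm": "kworker/u8:7", "argv": ["[kworker/u8:7]"], "exe": "/memfd:x (deleted)"},
    {"pid": 4222, "comm": "update", "argv": ["Ubuntu Release Update Utility"], "exe": "/tmp/.cache/u (deleted)"},
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(p["pid"], triage(p))
```

On a live host, run read_proc() as root over the numeric entries in /proc; without root the exe link of other users' processes is unreadable and those records are skipped by the exe-based checks.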



Posted: November 19, 2019
