
Backdoor.Hartip

Posted: November 20, 2020

Backdoor.Hartip is a Trojan that has so far been involved in only one identified attack campaign. It is used as a second-stage payload and is part of the arsenal of APT10, an Advanced Persistent Threat (APT) actor. The group's recently identified campaign targets Japanese companies operating in several sectors, including the automotive and pharmaceutical industries. The group made the news recently because it managed to take advantage of the recently discovered ZeroLogon Windows vulnerability. This is the first time that a threat actor has been identified using this vulnerability successfully, and, unfortunately, hundreds of thousands of unpatched computers are in danger because of this attack.

Apart from using the new Backdoor.Hartip, the criminals also rely on the QuasarRAT Trojan to gain control over the compromised systems. The Hartip implant is still undergoing analysis, but it is believed that the malware has typical backdoor capabilities such as:

  • Deploying and running additional binaries.
  • Collecting specific files and uploading them to the control server.
  • Executing remote commands.
  • Running PowerShell scripts.

It is safe to assume that Backdoor.Hartip also possesses the ability to evade malware detection tools and virtual environments – a common feature in high-quality malware whose authors want to keep it away from experts for as long as possible. Unfortunately, the newly discovered Backdoor.Hartip and the ZeroLogon vulnerability are likely to become even more serious problems in the upcoming months. Companies and organizations can strengthen their network security by investing in reputable anti-virus and firewall services.
