
EYService

Posted: May 4, 2020

EYService is a backdoor Trojan that has not been used widely, most likely because it is the product of Nazar, an Advanced Persistent Threat (APT) group that is likely to go after high-value targets instead of launching large-scale attacks. The EYService backdoor Trojan has been given this name because of the fake name it uses to disguise its components on the victims' computers.

The EYService implant works as a passive backdoor – this means that it will not complete any tasks unless it receives a special activation network packet from the control server. This reduces the amount of noise that the backdoor Trojan generates significantly, and it may be difficult for some security software to identify its attack until it is too late.

Surprisingly, the EYService backdoor has a lot of features, and it provides its operators with full access to the remote host. Some of the notable commands that EYService can execute will allow the attacker to:

  • Launch a keylogger.
  • Shut down or restart the computer.
  • List partitions, files, and hard drives.
  • Manage files.
  • Record audio via the microphone.
  • Get software and hardware information.
  • List installed programs.

The EYService backdoor is very advanced, but it should be easy to stop and detect with the use of an up-to-date anti-malware application.
