HDoor
HDoor is a dated backdoor Trojan that is of Chinese origin and has been used by the infamous Naikon APT hacking group. Another high-profile threat actor to make use of HDoor's features is Cycldek – a Chinese hacking organization believed to target networks in Southeastern Asia. However, instead of using the fully-fledged version of the HDoor backdoor, they use a custom-built one that has been stripped out of some of its features.
It appears that the primary purpose of Cycldek's HDoor variant is to look for open ports and transfer data between local network hosts that may not be connected to the Internet.
The full version of HDoor is much more functional, and it enables remote attackers to disable anti-virus software and manage the operating system's security policies. On top of that, the HDoor can execute remote commands, collect files and perform distributed-denial-of-service attacks.
Just like Royal Road, HDoor is an old tool that Chinese hackers appear to love to include in their attacks campaigns. Thankfully, this outdated tool can be detected by anti-virus software despite the attempts of different hacking groups to make the HDoor backdoor more contemporary.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.