Friday, July 13, 2012

AspxSpy Back dOOr was found in my IIS server

Someone aimed to control and remote to my website in IIS webserver by using AspxSpy back dOOr file and fortunately I have found and deleted it on time  successfully.

I found it on 13rd July 2012, the file is be able to control a whole compromised  system either IIS or SQL server.

the AspxSpy back door authorized you can  manage everything in the system, delete, remove, update and rename files as well.

That was very scared.

And now I am tracking all the files one by one to find whether where they are hiding it more.

Aspxspy is a Trojan horse ASP dot net script that provides an unauthorized remote user with access to a compromised IIS webserver.This tools allow hackers control over a compromised system.

Attacker can also use this attack to places web malware in infected website in fact they are of average size for a malware attacks of web applications.
By: Han4U

No comments: