Trojan.Taidoor is a Trojan family responsible for a highly publicized string of attacks on high-profile targets in recent years. The main payload of Trojan.Taidoor installs a dangerous backdoor on the infected computer and uses this backdoor to connect to a remote server in order to receive further instructions and upload sensitive data about the infected computer. The Trojan.Taidoor family of malware has been active for several years and is mainly distributed using malicious email messages containing dangerous file attachments that may use social engineering or third-party platform exploits to install Trojan.Taidoor on the victim’s computer.
Malware Attacks Related to Trojan.Taidoor
The first Trojan.Taidoor attacks were detected in 2008. These attacks received widespread attention because they were focused on important government agencies. The Trojan.Taidoor malware family has also been used to attack important targets in the manufacturing, financial and communication sectors. According to ESG security researchers, the focus of the Trojan.Taidoor attacks has shifted towards government think tanks. Since 2011, these kinds of organizations have received the majority of malicious email messages containing the Trojan.Taidoor malware infection.
Common Ways of Distributing the Trojan.Taidoor Malware Infection
Most Trojan.Taidoor infections come from malicious DOC or PDF documents that exploit several known vulnerabilities in Adobe Acrobat Reader and Microsoft Word in order to install the Trojan’s executable file on the victim’s computer. While most vulnerabilities will be patched by the software’s developer, there is a window of time between when a vulnerability is first detected and when it is patched. There is also the problem of computers that are not fully updated and organizations that are slow to update their software.
Once installed, Trojan.Taidoor will connect to a remote server in order to receive instructions and relay data about the infected computer. Criminals can use Trojan.Taidoor to retrieve sensitive documents from the infected computer or spy on its activities. According to ESG security researchers, it seems that the criminals behind Trojan.Taidoor connect to the infected computer at certain hours to check for recent activity and valuable information that may be stolen from the compromised computer. If you are in a group at risk for a Trojan.Taidoor infection (for example, if you are part of a think tank organization), it is important to follow basic safety guidelines when opening unsolicited email messages and to regularly scan your computer with a fully updated anti-malware program.
How Can You Detect Trojan.Taidoor?