ACBackdoor Description

Most malware strains target Windows running machines, as this is the most popular operating system in the world undoubtedly. However, this does not mean that systems running alternative operating systems like OSX or Linux are impenetrable fortresses. Recently, researchers spotted a new malware strain that is capable of targeting various operating systems. The name of the threat is ACBackdoor, and it appears to be compatible with both Linux and the Windows OS. The Linux variant of the ACBackdoor is rather impressive. The Linux-based ACBackdoor executes its code without files, which reduces the footprint of the threat on the compromised device. Furthermore, this variant of the ACBackdoor can tamper with the properties of the running processes on the infected host. However, it would appear that the creators of the ACBackdoor likely specialize in threats targeting Linux, as the Windows variant of this threat is far less impressive, to say the least.

The ACBackdoor was first discovered as malware researchers noticed that the Fallout EK (Exploit Kit) was propagating a new strain of malware, which had never been seen before. The main use of this exploit kit leads experts to believe that the individuals behind the ACBackdoor have been active in this scene for a while and likely have generated enough capital to purchase high-end exploit kits.

Uses Generic Utility Names to Mask Itself

Once the ACBackdoor compromises a system, it will start gathering basic information about the infected host. Then, the threat will utilize HTTPS to transfer all the collected data to the server of its operators. The Linux variant of the ACBackdoor will attempt to remain under the radar of the victim by naming itself ‘Ubuntu Release Update Utility.’ On systems that are running Windows, the ACBackdoor will try to gain persistence by generating a new Windows Registry Key and masking itself as a ‘Microsoft Anti-Spyware Utility.’


There is nothing jaw-dropping when it comes to the capabilities of the ACBackdoor. However, this threat can do more than enough to cause great damage to the compromised host. The ACBackdoor can:

  • Use the ‘run’ command to run remote shell commands on the host.
  • Update itself using a command called ‘update.’
  • Use the ‘execute’ command to grab and launch files from the attackers’ server.
  • Gather data about the system using the ‘info’ command.

To avoid becoming a victim of the ACBackdoor, make sure you update all your applications regularly so that your system is not as vulnerable to threats. Also, make sure you download and install a legitimate anti-virus software suite that will protect your data and computer.

Do You Suspect Your Computer May Be Infected with ACBackdoor & Other Threats? Scan Your Computer for Threats with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide users with in-depth system security analysis, detection and removal of a wide range of threats like ACBackdoor as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover*
* Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. Read our EULA, Privacy Policy & Special Discount Terms. See more Free SpyHunter Remover details.

Related Posts

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.