Poison Ivy

Poison Ivy Description

Type: Trojan

The Poison Ivy backdoor is thus named because Poison Ivy backdoor creates a backdoor into the infected computer. The Poison Ivy backdoor helps hackers gain access to their victim's system. The Poison Ivy backdoor gained notoriety when Poison Ivy backdoor was used to hack into the RSA. The Poison Ivy backdoor was included in a zero-day Excel exploit that was sent in a very simple email containing an attachment in .xls format. This malware threat is actively updated and developed. Poison Ivy backdoor uses a graphical interface that makes Poison Ivy backdoor ideal for an inexperienced hacker. ESG security researchers strongly recommend removing the Poison Ivy backdoor with an up-to-date anti-malware program.


How a Hacker Can Use the Poison Ivy Backdoor

The Poison Ivy backdoor is extremely dangerous because it gives the hacker almost total control over the infected computer. This control is also easy to manage due to Poison Ivy's graphical user interface. Below, ESG security researchers have listed some of the common uses for the Poison Ivy backdoor:

  • Hackers can use the Poison Ivy backdoor to rename, delete, or run any file on the infected computer. A hacker can also use the Poison Ivy backdoor to upload or download any file from the victim's computer. This second feature is usually used to install additional malware on the infected computer, such as a bot software, a rootkit or an obfuscator, to make detection of the Poison Ivy backdoor problematic.
  • Hackers can use the Poison Ivy backdoor to view and edit the Windows Registry and system settings. This can be used to cause irreparable damage to an infected computer or to perform any number of malicious operations.
  • A hacker using the Poison Ivy backdoor can view, initiate, and stop file processes and services at will.
  • A hacker using the Poison Ivy backdoor can monitor or terminate all network connections or Internet traffic.
  • The Poison Ivy backdoor can be used to view all devices installed on the infected computer and even to disable or control them remotely in some cases.

There are some versions of the Poison Ivy backdoor that have been adapted to steal personal information. This is usually done by recording screenshots or using the infected computer's microphone or camera to take video or audio. These variants will often include a keylogger and will try to access passwords and other similar information.

Technical Information

Screenshots & Other Imagery

SpyHunter Detects & Remove Poison Ivy

File System Details

Poison Ivy creates the following file(s):
# File Name MD5 Detection Count
1 CLADD d228320c98c537130dd8c4ad99650d82 0

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.