|
|
|
|
|
|
by fulafel
3254 days ago
|
|
|
If you scroll back, this started with "Why is this being called a backdoor? Is there any indication that that's what it is?". I linked to a glossary entry I think reflects the common usage in malware context. Any payload is not a back door, payloads can be also ransomware, ddos bots, etc. |
|
|
FWIW, I don't think that glossary entry you linked is very good. It calls a backdoor an application, but a backdoor is not always an application -- which I think you already know & mentioned in this thread. A RAT (remote access tool) is definitely not synonymous with backdoor in the common understanding. A backdoor can also be an open port, a bad password, or a variety of other entry methods. Wikipedia's entry on backdoor is better than the one you linked. https://en.m.wikipedia.org/wiki/Backdoor_(computing)
If a backdoor were always an application, and that was the common definition, then I think the question above wouldn't have been asked. One problem is that backdoor sometimes implies a vulnerability exists before any malware is installed. To call something a backdoor can send the wrong message about what someone concerned about this should do to mitigate the risks. Knowing it's a phishing attack is pretty important because it means you can and should be suspicious of apps asking for credentials and permissions. If you think it's primarily a back door, you might wrongly assume that you need to update a security patch, or that there's nothing you can do to reduce your risks.
This is why I believe @debatem1's question is reasonable and agree with it - to title this a backdoor is technically true, but it seems misleading.