|
|
|
|
|
|
by dahart
3254 days ago
|
|
|
Okay, I think we're agreeing on the definition. You do agree that this particular backdoor depends on a successful phishing attack, right? FWIW, I don't think that glossary entry you linked is very good. It calls a backdoor an application, but a backdoor is not always an application -- which I think you already know & mentioned in this thread. A RAT (remote access tool) is definitely not synonymous with backdoor in the common understanding. A backdoor can also be an open port, a bad password, or a variety of other entry methods. Wikipedia's entry on backdoor is better than the one you linked. https://en.m.wikipedia.org/wiki/Backdoor_(computing) If a backdoor were always an application, and that was the common definition, then I think the question above wouldn't have been asked. One problem is that backdoor sometimes implies a vulnerability exists before any malware is installed. To call something a backdoor can send the wrong message about what someone concerned about this should do to mitigate the risks. Knowing it's a phishing attack is pretty important because it means you can and should be suspicious of apps asking for credentials and permissions. If you think it's primarily a back door, you might wrongly assume that you need to update a security patch, or that there's nothing you can do to reduce your risks. This is why I believe @debatem1's question is reasonable and agree with it - to title this a backdoor is technically true, but it seems misleading. |
|
|