Software:Hupigon
Type | Backdoor |
---|---|
Author(s) | Red Apollo |
Operating system(s) affected | Windows, Linux, iOS, Android |
Hupigon (also Graftor) detected as (Backdoor.Win32.Hupigon, Trojan.Win32.Hupigon, Backdoor.Win32.Graftor, and Trojan.Win32.Graftor) is a backdoor Trojan. Its first known detection goes back to November, 2008, according to Securelist from Kaspersky Labs.[1]
This malicious software, which usually should be a portable executable (and may be packed with UPX), is mostly used in order to connect a (worldwide) group of victimized PCs and form a botnet (also known as a zombie network). The software is able to spread through networks in order to infect other computers as computer worms do (see Conficker). The difference is that such backdoors do not spread automatically (as worms do), but are started through a command and control-center who is supervising them.
In the Hupigon family, there are a large number of variants. They are written in Borland Delphi.
Other aliases
- Trojan.Win32.Boht (Kaspersky Labs and Fortinet)
- Backdoor:Win32/Bezigate (Microsoft)
- Backdoor.Win32.Graftor (Bitdefender) [2]
External links
- Analysis of a file - VirusTotal
- Analysis of a file - Threat Expert
References