Traditionally, attackers would place a backdoor on a compromised system. If the front door provides authorized access to legitimate users, backdoor applications allow attackers to return to an exploited system and have access to services and data.
Unfortunately, classic backdoors provided limited interactivity, and were not designed to be persistent on compromised systems for very long time frames. This was viewed as a significant shortcoming by the attacker community, because once the backdoor was discovered and removed, there was additional work required to repeat the compromise steps and exploit the system, which was made even more difficult by forewarned system administrators defending the network and its resources.
Attackers now focus on persistent agents that are properly employed and are more difficult to detect. The first tool we will review is...