Backdoor programs are applications that allow cybercriminals or attackers to access computers remotely. Backdoors can be installed in both software and hardware components. Many backdoor programs make use of the IRC backbone, receiving commands from common IRC chat clients.
Backdoors can also spread via malicious apps on mobile devices and smart devices. In January 2016, Android-based smart TVs were hit by a malware that installed a backdoor in the TVs and allowed the download of other malware.
Backdoors play a crucial role in targeted attacks because they can be used to take control of affected systems, allowing attackers to steal credentials and establish connections without being found. With backdoors, attackers can perform the following techniques: port binding, connect-back, connection availability abuse, legitimate platform abuse, common service protocol abuse, protocol/port listening, custom DNS lookup use, and port reuse.
To defend against backdoors, end users and administrators are advised to use firewalls, monitor network packets, and install antimalware solutions.