Browse Definitions :
Definition

Portal of Doom

Contributor(s): Matthew Haughn

Portal of Doom (abbreviated as PoD and sometimes spelled all one word, as PortalOfDoom) is a Trojan horse that hijacks the computers of unsuspecting Windows users running old operating systems. Computers running Windows 95, 98, ME, NT, XP and Vista are vulnerable to the Trojan.

PoD affords the attacker near-complete remote control of the target system. The Trojan enters through a back door on vulnerable machines, typically through TCP ports 9872-9875 and UDP ports 10067, 10167. Port 9875, in particular, is notorious for being exploited by this malware and as a result is sometimes referred to as the Port of Doom.  

The Trojan launches from the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Run. Portal of Doom can enter without causing any behavior that alerts the user and does not have to trick the user into running an executable file manually. It typically installs to C:\windows\system and its running process names can vary.

Malicious hackers can use PoD to look for sensitive data, such as credit card numbers and information that enables identity theft, or just to cause mischief. PoD was written in MS Visual Basic.

This was last updated in March 2016

Continue Reading About Portal of Doom

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

SearchCompliance

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

SearchSecurity

SearchHealthIT

SearchDisasterRecovery

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud disaster recovery (cloud DR)

    Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other ...

SearchStorage

Close