Know Your Malware: Ryknos Removal
Ryknos is an IRC-controlled backdoor that provides the attacker with unauthorized remote access to a compromised computer. The intruder can download and execute arbitrary files, retrieve system and network information, and send messages to specified remote hosts. The threat also silently downloads another backdoor, Looksky.b, from the Internet and installs it. Ryknos uses the infamous First4DRM rootkit to cloak itself in the system, and it is able to bypass Windows Firewall. The backdoor attempts to run automatically on every Windows startup, but fails.
Related files: $sys$drv.exe, bk.exe
• Allows remote user connection
• Connects itself to the internet
• Hides from the user
• Stays resident in background