-- Update February 2, 2007--
This threat is considered to be a Low-Profiled risk due to media attention at: http://blog.washingtonpost.com/securityfix/2007/02/official_superbowl_site_pushin.html?nav=rss_blog
An EXTRA.DAT for Backdoor-DKT is currently available via the Extra.dat Request Page.
This is a trojan detection. Unlike viruses, trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include email, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc. This trojan will be downloaded when exploited the MS07-004 vulnerability, visiting the SuperBowl 2006 webpage (The Dolphin Stadium website).
This variant will be dropped by a Generic Dropper.p, which will be downloaded from an exploitation of MS07-004, which can be triggered visiting special crafted webpages.
A combination of the latest DATs and the Engine will be able to detect and remove this threat. AVERT recommends users not to trust seemingly familiar or safe file icons, particularly when received via P2P clients, IRC, email or other media where users can share files.