Continued BalkanRAT Campaigns
released on 2019-12-03 @ 02:59:41 PM
We’ve discovered an ongoing campaign in the Balkans that spreads two tools with a similar purpose: a backdoor and a remote access trojan, which we named BalkanDoor and BalkanRAT, respectively.
BalkanRAT enables the attacker to control the compromised computer remotely via a graphical interface, i.e., manually; BalkanDoor enables them to control the compromised computer remotely via a command line, i.e., possibly en masse. ESET security products detect these threats as Win{32,64}/BalkanRAT and Win32/BalkanDoor.