Threat Description

Master's Paradise


Category: Malware
Platform: W32
Aliases: Master's Paradise, Backdoor.Krass , Hacker's Paradise


Master's Paradise is not a virus or a trojan. Actually things like NetBus, Back Orifice, Deep Throat, Master's Paradise and Hacker's Paradise are called 'backdoors' or hacker's remote access tools. These tools being purposely or unintentionally installed on any computer provide hidden access to this computer for hackers - i.e. open a 'backdoor' in remote computer system. These tools are quite widespread and used frequently to steal data and delete files on peoples machines.


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More scanning & removal options

More information on scanning or removal options is available in the documentation for your F-Secure security product on the Downloads section of our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Contact Support

For further assistance, F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

Technical Details

Master's Paradise has client and server parts. The server part has to be installed on remote system to provide access to it. Originally Master's Paradise was spread with the game called 'Pie Bill Gates'. When user runs the game (that was actually a self-extracting archive), the server part of Master's Paradise is installed on his system. Two files are copied to \Windows\ directory: SysEdit.EXE and KeyHook.DLL. Execution of SysEdit.EXE is added to Windows registry to the following key:


With these settings the server part of Master's Paradise will be launched each time Windows starts and will keep listening to certain TCP/IP ports for commands from client part. The client part allows a hacker to control remote computer system where the server part is installed and activated. The client part has dialog interface which makes it easier to manipulate remote system objects.

Capabilities of Master's Paradise and Hacker's Paradise include:

1. Access to all media available on target computer  2. Sending, receiving and deleting files  3. Creating and deleting folders  4. Sending and receiving keystrokes, blocking keyboard access  5. Sending messages and receiving answers from user  6. Controlling any application windows and all their components  7. Highlithing application windows (yellow flash)  8. Receiving screendump in multiple resolutions (can be saved to file)  9. Total or partial control over mouse in Full-Screen Control mode  10. Controlling server part: enabling, disabling, setting password, info  11. Restarting computer  12. Getting RAS information: provider, user name and password  13. Batch processing for automatic poll data from remote computers   

Master's Paradise has some addons (depending on its version) - DNS Master, IP Master, Ping Bomber and Port Scanner. German and English interfaces are available.

Master's Paradise was created by Dan Lehmann from Munich Brain House, one of German's hacker groups.

Hacker's Paradise backdoor is a variant of Master's Paradise but it is lacking some bugs and is using different TCP/IP ports.

Technical Details:Alexey Podrezov, F-Secure


Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More