ID: IRCNE2012081584
Date: 2012-08-18
According to "scmagazine", microsoft has added detection capabilities for Bafruz, a backdoor trojan capable of taking a number of malicious actions on victims' computers.
Bafruz can take control of accounts on social networking sites like Facebook and [Russian-based] Vkontakte, launch distributed denial-of-service attacks, conduct Bitcoin mining, install additional malware, and disable security products, like anti-virus, said the Tuesday blog post from the Microsoft Malware Protection Center.
The malware first displays a list of security processes being terminated. Then, alerts appear in the system tray instructing the victim to remove a "virus" by rebooting their computer. Once the victim does this, the computer will restart in safe mode, allowing Bafruz to disable installed anti-virus software.
Bafruz can then download additional malware in the background using a peer-to-peer (P2P)-based botnet at its disposal, according to Microsoft.
- 2