
This post is about a recent piece of malware named ‘Bladabindi’ that spreads from one machine to another. It has been found on a large scale in India, and the Government of India’s CERT-In (Computer Emergency Response Team) has started warning Indian computer users to beware of it.

The malware is also found outside India. It is dangerous because it exposes the infected system to an attacker in many ways. It can:

  • Steal Personal Information
  • Give Backdoor access to the system
  • Spread to other computers through USB flash drive (pen drives, hard disks) and other removable drives.
  • Capture the computer’s web camera
  • Steal passwords stored in internet browsers such as Mozilla Firefox, Google Chrome or Opera
  • Store DynDNS and No-IP/DUC information too

The stolen information is then forwarded to the attackers. Hundreds of computers have already become victims of this malware.
The malware is downloaded from malicious and hacked websites, so take care whenever you download an .exe file from the Internet: the malware's file extension is .exe. Once executed, it spreads through the computer and starts automatically every time the computer starts, which means you will never be able to delete it until you completely re-install your copy of Windows.

The Indian Computer Emergency Response Team found 13 different versions of this malware.

As noted above, once executed the .exe file spreads through the computer and starts automatically when the computer starts. These are some of the locations the malware uses on your system:

  • %TEMP%\svhost.exe
  • %TEMP%
  • %APPDATA%
  • %USERPROFILE%

The malware connects to remote servers at the following addresses:

  • fox2012.no-ip.org
  • jn.redirectme.net
  • moudidz.no-ip.org
  • reemo.no-ip.biz

Microsoft has detected this malware, and all of its security tools (Microsoft Safety Scanner, Microsoft Windows Malicious Software Removal Tool, and Windows Defender for Windows 8.1 or Microsoft Security Essentials for Windows 7 and Windows Vista) are able to detect and remove it.

Security steps you should take while surfing the Internet:

  • Always use an antivirus program on your system
  • Do not download any suspicious email attachment
  • Do not open any spam mail
  • Do not download any suspicious .exe file from the Internet offered in the name of a song, movie, game…
  • Finally, change your password and use a strong password generated with this password generator.
