Microsoft targets Bafruz trojan

By

Trojan targets Facebook, mines Bitcoins and disables anti-virus.

Microsoft has added detection capabilities for Bafruz, a backdoor trojan capable of taking a number of malicious actions on victims' computers.

Microsoft targets Bafruz trojan

Bafruz can take control of accounts on social networking sites like Facebook and [Russian-based] Vkontakte, launch distributed denial-of-service attacks, conduct Bitcoin mining, install additional malware, and disable security products, like anti-virus.

The trojan resembles traditional rogue anti-virus software as it tries to get on users' machines, minus the portion where it demands ransoms from users.

The malware first displayed a list of security processes being terminated. Alerts then appeared in the system tray instructing the victim to remove a "virus" by rebooting their computer. Once the victim does this, the computer will restart in safe mode, allowing Bafruz to disable installed anti-virus software.

Bafruz can then download additional malware in the background using a peer-to-peer -based botnet at its disposal, Microsoft said in a blog on its Malware Protection Center. 

Microsoft has now added Bafruz to the list of threats detected by its Malicious Software Removal Tool.

The update came Tuesday, along with nine patches for 26 security vulnerabilities.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul

CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

WestJet probes cyber security incident

WestJet probes cyber security incident

Log In

  |  Forgot your password?