
Saturday, September 28, 2013

Internet Crime Complaint Center (IC3) | Beta Bot malware blocks users anti-virus programs

This "new" Windows malware, called "Beta Bot", reminds me of a few from Win98 and XP in the past, and it sounds just as dangerous. Read More...

Don

Beta Bot malware blocks users anti-virus programs

The FBI is aware of a new type of malware known as Beta Bot. Cyber criminals use Beta Bot to target financial institutions, e-commerce sites, online payment platforms, and social networking sites to steal sensitive data such as log-in credentials and financial information. Beta Bot blocks computer users’ access to security websites and disables anti-virus programs, leaving computers vulnerable to compromise.

Beta Bot infection vectors include an illegitimate but official looking Microsoft Windows message box named “User Account Control” that requests a user’s permission to allow the “Windows Command Processor” to modify the user’s computer settings. If the user complies with the request, the hackers are able to exfiltrate data from the computer. Beta Bot is also spread via USB thumb drives or online via Skype, where it redirects the user to compromised websites.

Figure 1, Beta Bot “Windows Command Process” message box

Read More...
http://www.ic3.gov/media/2013/130918.aspx

The FBI’s Internet Crime Complaint Center (IC3) has published an alert to warn users about a relatively new piece of malware dubbed Beta Bot. Beta Bot is mainly used by cybercriminals to steal personal and financial information. Social media sites, e-commerce sites, banks and online payment platforms are the main targets.

What’s interesting about this threat is that it’s designed to disable antivirus applications, and block users from accessing security websites that might help them clean up the infection.

Beta Bot is distributed via various methods, including USB drives or via Skype (users are redirected to malicious websites). The infection can start with a legitimate-looking fake User Account Control window which requests permission to allow “Windows Command Processor” to make changes to the system. If the victim complies, the attackers gain access to their system.

The FBI advises users not to authorize Windows Command Processor to make any changes to the system in case they see a pop-up window such as the one presented in the screenshot.

Read More...
http://news.softpedia.com/news/FBI-Warns-of-Beta-Bot-Malware-384815.shtml



New Commercial Trojan #INTH3WILD: Meet Beta Bot

Categories: #inth3wild,Fraud Intelligence,FraudAction

By Limor S. Kessem, Cybercrime and Online Fraud Communications Specialist, RSA

It appears that a much anticipated event has finally transpired in the cybercrime arena, with the release and active sale of a new commercially-available Trojan family that has begun around January this year, circulating under the name Beta Bot.

RSA researchers have recently come across samples of this user-mode rootkit, analyzing its behind-the-scenes infrastructure. Beta Bot actually started out as an HTTP bot[1] and not a banking Trojan, but it has since evolved, donned a trigger list, and was repurposed for financial fraud that includes targets such as banks, ecommerce and even Bitcoin wallets.

According to research performed by RSA it was inferred that Beta Bot (alias: Troj/Neurevt-A) is not the creation of an amateur. The malware is a persistent Ring-3 rootkit with layers of anti-security protection (such as not executing within virtual machines, thus avoiding sandboxes), AV-disabling features, and even a DNS redirecting scheme to isolate bots from security-themed online resources, including RSA’s official website.

Examining the Features of Beta Bot

Read More...
https://blogs.rsa.com/new-commercial-trojan-inth3wild-meet-beta-bot/
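
An added example (not from the FBI alert, the RSA post or this blog): a Python triage check for the symptom described above, where security-themed sites stop resolving properly while ordinary sites still work. The hostnames and addresses are constructed, and the check looks only at resolver answers; it assumes nothing about how Beta Bot implements its redirection.

```python
import ipaddress
import socket

# Constructed sample data: hypothetical hostnames, illustrative addresses.
CONTROL_HOSTS = ["shop.example", "news.example"]
SECURITY_HOSTS = ["av-vendor.example", "security-blog.example", "removal-tool.example"]
SAMPLE_SUSPECT = {
    "shop.example": ["93.184.216.34"],
    "news.example": ["93.184.216.35"],
    "av-vendor.example": ["127.0.0.1"],        # answered with loopback
    "security-blog.example": ["93.184.216.36"],
    "removal-tool.example": [],                # does not resolve at all
}

def resolve(host):
    """Live lookup via the system resolver; [] when the name does not resolve."""
    try:
        infos = socket.getaddrinfo(host, None)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def classify(addresses):
    """Return 'unresolved', 'redirected' (a non-public answer) or 'ok'."""
    if not addresses:
        return "unresolved"
    for text in addresses:
        ip = ipaddress.ip_address(text.split("%")[0])  # drop any IPv6 zone id
        if not ip.is_global:
            return "redirected"
    return "ok"

def triage(answers, control_hosts, security_hosts):
    """Compare security-themed names against ordinary ones."""
    status = {h: classify(answers.get(h, [])) for h in control_hosts + security_hosts}
    blocked = [h for h in security_hosts if status[h] != "ok"]
    controls_ok = all(status[h] == "ok" for h in control_hosts)
    if blocked and controls_ok:
        return "selective-blocking", blocked   # only security sites affected
    if blocked:
        return "general-dns-problem", blocked  # everything fails: likely not targeted
    return "no-blocking-seen", blocked

if __name__ == "__main__":
    # Replace the .example names with real sites before relying on the live run.
    live = {h: resolve(h) for h in CONTROL_HOSTS + SECURITY_HOSTS}
    print("constructed sample:", triage(SAMPLE_SUSPECT, CONTROL_HOSTS, SECURITY_HOSTS))
    print("live lookup:", triage(live, CONTROL_HOSTS, SECURITY_HOSTS))
```

A "selective-blocking" result is a reason to scan the machine from clean media, not proof of infection, since content filters and parental controls can produce the same pattern.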


FBI Warning on “Beta Bot" Malware (2013)


FBI - Google Search
FBI
Infosecurity - FBI Issues New Warning on Old Malware: Beta Bot
Internet Crime Complaint Center (IC3) | Beta Bot malware blocks users anti-virus programs
FBI: “Beta Bot” malware kills your anti-virus and steals data
FBI warning Beta Bot - Google Search
FBI Warns of Beta Bot Malware
New Commercial Trojan #INTH3WILD: Meet Beta Bot » Speaking of Security - The RSA Blog and Podcast