16 Aug '12, 6pm

The Bafruz virus plants itself on the machine, disables security software, then eavesdrops on Facebook and downloads a bitcoin program to collect money.

There's a new family of malware that uses a complex set of capabilities to disable antimalware and listen in on sessions between users and some social networks. Bafruz is essentially a backdoor trojan that is also creating a peer-to-peer network of infected computers. This month's Microsoft Malicious Software Removal Tool (MSRT) release will include the Win32/Bafruz family. Bafruz’s capabilities include the ability to uninstall antivirus and security products, intercept communications with social media sites like Facebook and Vkontakte, install Bitcoin mining software, and perform denial of service attacks. It also communicates with other infected machines across a peer-to-peer protocol in order to download new components onto host machines, according to the Microsoft Malware Protection Center. The payload seems to start by terminating a long list of security processes list...

Full article: http://threatpost.com/en_us/blogs/bafruz-backdoor-disable...
