HelloBridge trojan poses as Heartbleed detection tool

Share this article:
With the Heartbleed bug grabbing headlines around the world, attackers are leveraging the news for their own malicious tactics.

Researchers have uncovered a new attack campaign that lures users into downloading a supposed Heartbleed vulnerability detection tool that infects computers with malware.

Dubbed the HelloBridge backdoor trojan, the malware is able to execute commands from it's command and control server that include downloading additional malicious files and exfiltrating data, according to a blog post by researchers at Dell SecureWorks Counter Threat Unit.

Samples of the trojan were first collected on April 9. At the time, SecureWorks' VirusTotal analysis service indicated that only three out of 51 anti-virus (AV) vendors detected the malware. By April 17 up to 27 AV vendors detected it.

According to researchers, this is a recent threat tactic that has predominately been used in Southeast Asia.
Share this article:

Sign up to our newsletters

More in News

Instagram iOS and Android apps vulnerable to session hijacking

Two researchers wrote about the Instagram app for iOS and Android is vulnerable to session hijacking because both send unsecured information through HTTP.

Report: Hackers stole data from Israeli defense firms

A report by Brian Krebs detailed the intrusions, which occurred between Oct. 2011 and Aug. 2012.

Neverquest trojan targets regional banks in Japan

Symantec researchers found a new variant of the banking trojan.