HelloBridge trojan poses as Heartbleed detection tool

Share this article:
With the Heartbleed bug grabbing headlines around the world, attackers are leveraging the news for their own malicious tactics.

Researchers have uncovered a new attack campaign that lures users into downloading a supposed Heartbleed vulnerability detection tool that infects computers with malware.

Dubbed the HelloBridge backdoor trojan, the malware is able to execute commands from it's command and control server that include downloading additional malicious files and exfiltrating data, according to a blog post by researchers at Dell SecureWorks Counter Threat Unit.

Samples of the trojan were first collected on April 9. At the time, SecureWorks' VirusTotal analysis service indicated that only three out of 51 anti-virus (AV) vendors detected the malware. By April 17 up to 27 AV vendors detected it.

According to researchers, this is a recent threat tactic that has predominately been used in Southeast Asia.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

President signs Executive Order to improve payment security

President signs Executive Order to improve payment security

President Obama signed an Executive Order at the Consumer Financial Protection Bureau calling for enhanced security measures, including microchips and PINs.

Security, tech firm coalition fights Hikit actors, other advanced groups

Security, tech firm coalition fights Hikit actors, other ...

The coalition began as an effort to stop the spread of the Hikit trojan, previously known for targeting U.S. defense contractors.

Phishing email delivers keylogger malware, also takes screenshots

Phishing email delivers keylogger malware, also takes screenshots

The malware has various features, including the ability to start persistently, take screenshots and bypass user access controls.