HelloBridge trojan poses as Heartbleed detection tool

Share this article:
With the Heartbleed bug grabbing headlines around the world, attackers are leveraging the news for their own malicious tactics.

Researchers have uncovered a new attack campaign that lures users into downloading a supposed Heartbleed vulnerability detection tool that infects computers with malware.

Dubbed the HelloBridge backdoor trojan, the malware is able to execute commands from it's command and control server that include downloading additional malicious files and exfiltrating data, according to a blog post by researchers at Dell SecureWorks Counter Threat Unit.

Samples of the trojan were first collected on April 9. At the time, SecureWorks' VirusTotal analysis service indicated that only three out of 51 anti-virus (AV) vendors detected the malware. By April 17 up to 27 AV vendors detected it.

According to researchers, this is a recent threat tactic that has predominately been used in Southeast Asia.
Share this article:

Sign up to our newsletters

More in News

Five schools earn NSA's excellence in cyber ops distinction

The schools earned NSA's Centers for Academic Excellence designation for their cyber offerings.

With RATs at their disposal, 419 scammers target businesses

With RATs at their disposal, 419 scammers target ...

A new report reveals how Nigeria's 419 scammers are spreading malware to pocket business funds.

InfoSec pros worried BYOD ushers in security exploits, survey says

InfoSec pros worried BYOD ushers in security exploits, ...

A study by the Information Security Community on LinkedIn found most organizations don't have proper polices and support for BYOD.