HelloBridge trojan poses as Heartbleed detection tool

Share this article:
With the Heartbleed bug grabbing headlines around the world, attackers are leveraging the news for their own malicious tactics.

Researchers have uncovered a new attack campaign that lures users into downloading a supposed Heartbleed vulnerability detection tool that infects computers with malware.

Dubbed the HelloBridge backdoor trojan, the malware is able to execute commands from it's command and control server that include downloading additional malicious files and exfiltrating data, according to a blog post by researchers at Dell SecureWorks Counter Threat Unit.

Samples of the trojan were first collected on April 9. At the time, SecureWorks' VirusTotal analysis service indicated that only three out of 51 anti-virus (AV) vendors detected the malware. By April 17 up to 27 AV vendors detected it.

According to researchers, this is a recent threat tactic that has predominately been used in Southeast Asia.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.