PSA: Beware of Beta Bot

A few days ago the FBI issued an alert for a particularly nasty Trojan called "Beta Bot." If you have had the displeasure of having to deal with the fake FBI branded malware "FBI Moneypak," then you know what hardcore industrial grade malware is but, Beta Bot is apparently much worse. An Intelligence Note from the FBI's Internet Crime Complaint Center (IC3) says that this Trojan has the ability to block users from updating their anti-virus and anti-malware software and steal important personal information when an infected users logs into a website.

The Trojan is activated with a fake Windows “User Account Control” box that pops up for no reason. When the user clicks on it, it infects their computer, and gathers information including log-in credentials and financial information. People have reported getting infected through thumb drives and via Skype.

The Trojan isn't new according to RSA’s Limor Kessem, who described it as a type of rootkit-based financial malware back in May. Kessem, who helps run the RSA’s Cybercrime and Online Fraud Communications division, said that the creator of the Malware was trying to keep it private but would "sell binaries and provide technical support" for those interested in paying for it. Likely cyber criminals have bought the binary and are using it for various nefarious deeds.

The FBI recommends that users who have been infected with Beta Bot download updates to their anti-virus software onto a clean computer or USB drive and apply them to the infected computer.

From my personal experience, a combination of different software including Malwarebytes, Spybot and Roguekiller go a long way in fighting against such nasty malware, but mileage may vary and Roguekiller probably shouldn't be used by anyone without at least a little bit of technical know-how…

Source: Threat Post

Tweet about this on TwitterShare on FacebookShare on Google+Share on RedditEmail this to someone

Comments are closed.