Dorkbot Malware From 2012 Resurfaces and Becomes Major Threat

Dorkbot, a 6-yer old Banking Malware has resurfaced in the wild to become a major threat, according to recent reports.

The Dorkbot banking malware reportedly started it’s malicious activity back in 2012 but now it seems as if this virus has started to attack banks once again. This updated version of Dorkbot was ranked second in the world back in 2012 and according to Check Point’s report it may now be back to wreak havoc and cause damage to banking institutions on a major level.

What Is Dorkbot?

Dorkbot is a banking malware which was used by hackers to target Skype accounts plus Facebook and Twitter accounts as well. The malware has been reported to try to trick victims to download an archive which contained a message in it, called “Is this your new profile pic?”. The .zip attachment was reportedly opened by the victim and then the malware locks the victimized computer. But this is not all that it does as the Dorkbot virus locks the malware into a botnet infection and the contacts of the victims were sent to the malicious archive.

The virus has evolved in a new updated variant which basically makes it an advanced RAT (Remote Access Trojan), which is configured to steal user information, such as:

  • Passwords and account names.
  • Keystrokes typed.
  • Logged in details when the user attempts to log in a banking site.

According to Check Point researchers, the malware was created to allow the attacker controlling it capabilities to perform remote code execution attacks with the primary idea to manually steal saved sensitive banking data and this means that the hacker may even be able to look into your computer’s history to check for passwords or data you have previously entered. The new injection capabilities, used by the malware has (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | authored by Vencislav Krustev. Read the original post at: