All the latest UK technology news, reviews and analysis


FBI warns of bank-robbing Beta Bot malware that disables antivirus

20 Sep 2013
Security padlock image

The FBI's Internet Crime Complaint Centre (IC3) has warned businesses to be wary of new malware called Beta Bot capable of disabling antivirus programs.

The IC3 issued the warning in a public blog post, confirming that it has seen the malware used to target a variety of organisations.

"The FBI is aware of a new type of malware known as Beta Bot. Cyber criminals use Beta Bot to target financial institutions, e-commerce sites, online payment platforms, and social networking sites to steal sensitive data such as login credentials and financial information. Beta Bot blocks computer users' access to security websites and disables antivirus programs, leaving computers vulnerable to compromise," read the warning.

The intelligence report added that the malware usually looks to trick users into downloading it by masquerading as a legitimate Microsoft Windows message, asking the user to allow the "Windows Command Processor" to modify the user's computer settings.

The FBI's IC3 said it has also seen incidents of the malware spreading via USB sticks and Skype, and that it can steal a variety of data from the infected machine. "If the user complies with the request, the hackers are able to exfiltrate data from the computer. Beta Bot is also spread via USB thumb drives or online via Skype, where it redirects the user to compromised websites," read the post.

On the upisde, the FBI security centre said there are steps victims of the Beta Bot malware can take. "Remediation strategies for Beta Bot infection include running a full system scan with up-to-date antivirus software on the infected computer," read the report.

"If Beta Bot blocks access to security sites, download the latest antivirus updates or a whole new antivirus program onto an uninfected computer, save it to a USB drive and load and run it on the infected computer. It is advisable to subsequently reformat the USB drive to remove any traces of the malware."

Since the IC3 report went live, many security firms have questioned whether the malware is new. Russian security firm Kaspersky reported that Beta Bot was actually discovered at the start of the year and is often thought of as a low-level threat, leaving it unclear why the agency is making such a fuss about it.

"While the FBI refers to Beta Bot as new, the malware surfaced at the beginning of the year as an HTTP bot and later expanded its capabilities that spring," said Kaspersky's blog post.

"Beta Bot was never thought to have been as sophisticated as Trojans designed specifically for bank fraud, so it's unclear if the FBI's warning coincides with a new rash of Beta Bot infections or a new set of technical capabilities for the malware."

Banking-focused malware is an ever-present problem facing the security industry, with criminals creating increasingly sophisticated attacks. Earlier this month Trend Micro researchers detected evolved versions of the notorious Citadel banking Trojan targeting Japanese computer users.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
24%
14%
4%
17%
29%
12%

Popular Threads

Powered by Disqus
Galaxy S5 vs iPhone 5S vs Nexus 5 showdown

Galaxy S5 vs iPhone 5S vs Nexus 5

We speed test three of the most popular smartphones

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Business Analyst (Agile / Scrum, BDD) - 12 months+ to £415 p/d

Business Analyst (Agile / Scrum, BDD & Software Development...

Systems Test Analyst - Ecommerce

Systems Test Analyst required with experience within...

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...

PHP Developer

PHP Developer PHP / MySQL / LAMP / HTML5 / JavaScript...
To send to more than one email address, simply separate each address with a comma.