All the latest UK technology news, reviews and analysis


FBI warns of bank-robbing Beta Bot malware that disables antivirus

20 Sep 2013
Security padlock image

The FBI's Internet Crime Complaint Centre (IC3) has warned businesses to be wary of new malware called Beta Bot capable of disabling antivirus programs.

The IC3 issued the warning in a public blog post, confirming that it has seen the malware used to target a variety of organisations.

"The FBI is aware of a new type of malware known as Beta Bot. Cyber criminals use Beta Bot to target financial institutions, e-commerce sites, online payment platforms, and social networking sites to steal sensitive data such as login credentials and financial information. Beta Bot blocks computer users' access to security websites and disables antivirus programs, leaving computers vulnerable to compromise," read the warning.

The intelligence report added that the malware usually looks to trick users into downloading it by masquerading as a legitimate Microsoft Windows message, asking the user to allow the "Windows Command Processor" to modify the user's computer settings.

The FBI's IC3 said it has also seen incidents of the malware spreading via USB sticks and Skype, and that it can steal a variety of data from the infected machine. "If the user complies with the request, the hackers are able to exfiltrate data from the computer. Beta Bot is also spread via USB thumb drives or online via Skype, where it redirects the user to compromised websites," read the post.

On the upisde, the FBI security centre said there are steps victims of the Beta Bot malware can take. "Remediation strategies for Beta Bot infection include running a full system scan with up-to-date antivirus software on the infected computer," read the report.

"If Beta Bot blocks access to security sites, download the latest antivirus updates or a whole new antivirus program onto an uninfected computer, save it to a USB drive and load and run it on the infected computer. It is advisable to subsequently reformat the USB drive to remove any traces of the malware."

Since the IC3 report went live, many security firms have questioned whether the malware is new. Russian security firm Kaspersky reported that Beta Bot was actually discovered at the start of the year and is often thought of as a low-level threat, leaving it unclear why the agency is making such a fuss about it.

"While the FBI refers to Beta Bot as new, the malware surfaced at the beginning of the year as an HTTP bot and later expanded its capabilities that spring," said Kaspersky's blog post.

"Beta Bot was never thought to have been as sophisticated as Trojans designed specifically for bank fraud, so it's unclear if the FBI's warning coincides with a new rash of Beta Bot infections or a new set of technical capabilities for the malware."

Banking-focused malware is an ever-present problem facing the security industry, with criminals creating increasingly sophisticated attacks. Earlier this month Trend Micro researchers detected evolved versions of the notorious Citadel banking Trojan targeting Japanese computer users.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

Windows 10 poll

What are your first impressions of Windows 10?
14%
3%
9%
4%
23%
4%
43%

Popular Threads

Powered by Disqus
V3 Sungard roundtable event - Cloud computing security reliability and scalability discussion

CIOs debate how to overhaul businesses for the digital era

V3 hosts roundtable with Sungard Availability Services

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

PPC/SEM Executive - English Speaking (Budapest)

PPC/SEM Executive - English Speaking (Budapest) Company...

PPC/SEM Executive - Swedish Speaking (Budapest)

PPC/SEM Executive - Swedish Speaking (Budapest) Company...

Technical Support Specialist (Projects)

TECHNOLOGY SUPPORT SPECIALIST (PROJECTS) Post...

PMO - software implementations

This role is for a leading provider of software solutions...
To send to more than one email address, simply separate each address with a comma.