CERT-In Alert: Lethal Bladabindi Virus Is Targeting Windows OS In India
Computer Emergency Response Team – India (CERT-In), a Government of India organization under the Ministry of Communication and IT, has just released an alert for all Indian internet users on the Windows operating system: stay clear of the Bladabindi virus!
This lethal virus is known to steal sensitive personal information from your PC and pass it on to hackers, who can use it for any illegal activities. As per the alert from CERT-In, this virus is especially targeting those computers which run on Windows OS, making its impact and reach even wider.
How Bad Is Bladabindi?
The worst thing is that the virus, once activated on a PC, turns into a malware downloader which can carry out several nefarious activities such as creating backdoors in the computer, propagating the virus further to other PCs and more. Such unintentional backdoors can then be exploited by a hacker to steal information from the user’s PC.
Bladabindi virus is so advanced and equipped with ‘cutting edge’ technology that once it has infected a PC, it can control your keystrokes, manipulate the web-camera, open up porn websites and send personal information such as financial records and passwords to the hacker. Besides the internet, this virus is adaptable enough to be transmitted via USB drives and hard disks.
Another interesting ability of this virus is to conceal its identity. CERT-In security experts have identified that Bladabindi virus can create as many as 12 different aliases, using which it can protect its identity from the ignorant user.
Not only that, but the virus can automatically create a unique and safe network domain ID, using which it can add itself to the firewall exclusion list, thereby successfully bypassing the security cover provided by the firewall.
How It Operates?
Bladabindi variants can be created using a publicly available malicious hacker tool. An attacker can create a malicious file using any choice of icon to mislead or entice a naïve user into running the malicious file. Some of the sample file icons used by Bladabindi are shown below.
As observed by security specialists at CERT-In, a typical Bladabindi variant will copy itself into the root folder of a removable device such as a pen drive, and then create a shortcut file with an icon and a random name and save itself on the drive. When an ignorant user clicks on the icon, the virus gets executed and Windows Explorer is opened, thereby arousing no suspicion in the user. But behind the scenes, the virus will start scanning the personal documents and pass them on to the hackers.
As per the alert, the virus can steal “computer name, country and serial number, Windows user name, computer’s operating system version, Chrome stored passwords, Firefox stored passwords etc from the host computer”.
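The removable-drive behaviour described above (a copy of the malware plus a shortcut file placed in the root folder of the drive) can be checked for before anything on the drive is opened. The script below is an added example, not code from CERT-In or from the original article; the function names, reason strings and sample file names are assumptions made for illustration, and the sample files are constructed placeholders, not malware.

```python
import tempfile
from pathlib import Path

# A Shell Link (.lnk) file starts with header size 0x4C and a fixed class ID.
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
EXEC_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs"}

def triage_drive_root(root):
    """Return (file name, reason) pairs for suspicious files directly in root."""
    findings = []
    for entry in sorted(Path(root).iterdir()):
        if not entry.is_file():
            continue  # only the root folder is examined, not subfolders
        try:
            with entry.open("rb") as fh:
                head = fh.read(len(LNK_MAGIC))
        except OSError:
            findings.append((entry.name, "unreadable file in drive root"))
            continue
        ext = entry.suffix.lower()
        if entry.name.lower() == "autorun.inf":
            findings.append((entry.name, "auto-run instruction file"))
        elif head == LNK_MAGIC:
            findings.append((entry.name, "shortcut in drive root"))
        elif head[:2] == b"MZ" and ext not in EXEC_EXTS:
            # Windows executable header behind a document-style extension
            findings.append((entry.name, "executable content, misleading extension"))
        elif head[:2] == b"MZ" or ext in EXEC_EXTS:
            findings.append((entry.name, "executable in drive root"))
    return findings

def demo():
    """Build a constructed sample drive in a temp folder and triage it."""
    samples = {  # constructed file contents, not real malware
        "autorun.inf": b"[autorun]\nopen=setup.exe\n",
        "holiday.lnk": LNK_MAGIC + bytes(56),
        "notes.txt": b"shopping list\n",
        "report.pdf": b"MZ" + bytes(62),
        "setup.exe": b"MZ" + bytes(62),
    }
    with tempfile.TemporaryDirectory() as drive:
        for name, data in samples.items():
            (Path(drive) / name).write_bytes(data)
        (Path(drive) / "docs").mkdir()  # subfolders are skipped
        return triage_drive_root(drive)

if __name__ == "__main__":
    for name, reason in demo():
        print(f"{name}: {reason}")
```

A shortcut or executable in a drive root is a lead for review rather than proof of infection; pass the drive's mount point or drive letter to triage_drive_root to check a real device.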
How to protect yourself from Bladabindi
As per CERT-In advisory regarding protection from this lethal virus, you can:
- Scan your PC using malware removal tools
- Disable the auto-run functionality in Windows
- Use a tool to clean your USB periodically
- Install all patches and updates provided by Microsoft
- Install anti-virus and anti-spyware applications
- Use Anti-spyware signatures at desktop and gateway level
- Don’t open unsolicited links/attachments from unknown persons
- Don’t open untrusted websites (they may be infected with this virus)
- Create strong passwords with alpha-numerical characters; and keep on changing them regularly