Threat type: Backdoor
Aliases: Backdoor:MSIL/Bladabindi.SBR!MSR (Microsoft), MSIL:Bladabindi-JK [Trj] (AVAST)
Platforms: Windows
Overall Risk Rating: Low
Damage Potential: Medium
Distribution Potential: Low
Reported Infection: Low
Information Exposure: High
Overview:
Cybercriminals bundled this malware with legitimate installers of the VPN software Windscribe. Note that these bundled copies are hosted on fraudulent sources.
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
It executes commands from a remote malicious user, effectively compromising the affected system.
It gathers certain information on the affected computer. It logs a user's keystrokes to steal information.