Undead Backdoor Trojan Suspected to Especially Target Online Banking Users


   Recently, Baidu Antivirus Security Center has intercepted a variant of backdoor trojan named Backdoor.Win32.DarkKomet.Abc. It is reported that this backdoor trojan is a backdoor program named "DARKCOMET RAT". After analyzing this variant, we discovered that it probably primarily targets online banking users. Security experts have discovered that the remote server used by this trojan includes the keyword "bankking". This type of backdoor trojan may control a computer remotely, perform key logging, etc. It can easily record its victim's bank account password when it is typed with the keyboard and can monitor the user's screen at any time. Thus, it can remotely access the victim's online bank account and steal the money.

   (Domain names used by hackers' remote servers)

   To protect against this variant of backdoor trojan, current Baidu Antivirus users should enable real-time protection which will stop this trojan from infecting users' computers.Furthermore, Baidu Antivirus comes with the privacy protection feature which has a comprehensive anti-keylogger function and protects against remote control (e.g. taking ascreen shot and other sensitive operations) and other trojan behaviors. When a computer is attacked by a trojan, a warning will pop-up to ensure the security of the user's online banking. Baidu Antivirus security experts also report that this type of trojan is commonly spread through email and Facebook. For safety, do not click on unknown links or run unknown files. Also, users should set daily transfer limits for their online bank accounts to reduce the risk to their money.


   Baidu Antivirus official site:

   Baidu Antivirus official Facebook: