Tuesday, 10 June 2014

Understanding Bublik Downloader and Staying Protected From the Malware



Bublik Downloader is a form of downloader malware, which is usually used to spread P2P Zeus and other major bots. Though the malware doesn’t adds any files or makes changes to system registry and is just a one-time execution bot, but it certainly is very dangerous. As it is mostly used to spread Zeus, which is one of the most dangerous and feared trojan, that steals banking information from victim’s computer, using the key logging and form grabbing technique, so this brings Bublik in the list of most critical viruses and malware. 
Once the gullible user executes Bublik, it then makes a copy of itself by the name budha.exe in the temporary folder. This bot then adds a short Unicode string at the end of binary. It is because of this addition, the check-sum based antivirus signatures do not work in detecting Bublik variants. This malware then runs the modified copy, which besides downloading the actual malware (Zeus/bots) also deletes original sample.
The severity of Bublik Downloader is very high, the security company Fortinet also recently made a blog post on this malware, explaining Bublik’s generations and working. Installing reliable antivirus solution like Fortinet Antivirus 2014 or Webroot Antivirus 2014 can ensure reliable protection from Bublik and its variants. These are trusted products which provide effective and easy set of features to remove all infections from your system. Install and start using them. Meanwhile if problems pop-up then avail Webroot customer support from a legitimate company. A good company to choose on this front is Techcillin. It is an ace support company that provides cost-effective and comprehensive support for various antivirus brands like AVG support, ESET support, Fortinettechnical support , etc.
The bottom line is, start using reliable antivirus and internet protection software, which can detect malware like Bublik or Zeus before they can enter in your system. Also staying away from suspicious links and files, and ensuring everything before giving out personal/banking details always helps. 

No comments:

Post a Comment