Experts Issue Warning To Indian Internet Users
A typical 'Bladabindi' variant propagates by way of copying themselves into the root folder of a removable drive and create a shortcut file with the name and folder icon of the drive. When the user clicks on the shortcut, the malware gets executed and Windows Explorer is opened and it makes it seem as if nothing malicious happened.
A potential attack by the virus could result into the loss of important proprietary data of a user like "computer name, country and serial number, Windows user name, computer's operating system version, Chrome stored passwords, Firefox stored passwords, the agency said in the advisory.
"The malware can also use infected computer's camera to record and steal personal information. It checks for camera drivers and installs a DLL plugin so it can record and upload the video to a remote attacker. The malware can also log or capture keystrokes to steal credentials like user names and passwords," the CERT-In cautioned users. The agency has also suggested some countermeasures against "Bladabindi'.
"Scan computer system with the free removal tools, disable the autorun functionality in Windows, use USB clean or vaccination software, keep up-to-date patches and fixes on the operating system and application software, deploy up-to-date anti-virus and anti-spyware signatures at desktop and gateway level," the agency suggested.
It also recommended users should not follow unsolicited web links or attachments in email messages, do not visit un-trusted websites, use strong passwords and also enable password policies, enable firewall at desktop and gateway level, guard against social engineering attacks and limit user privileges.
