
Backdoor.Rabasheeta

Posted: October 10, 2012

Threat Metric

Threat Level: 2/10
Infected PCs: 30
First Seen: October 10, 2012
Last Seen: September 15, 2022
OS(es) Affected: Windows

Backdoor.Rabasheeta is a backdoor Trojan that has received significant press coverage in Japan after some of its attacks were confirmed to have been used to create death threats and terrorism-related messages. Residents of Japan are particularly at risk of being infected by Backdoor.Rabasheeta, which has been found to have at least three variants and appears to have ongoing development support. Malicious websites appear to be Backdoor.Rabasheeta's primary means of distribution, and SpywareRemove.com malware analysts recommend that you avoid suspicious links or files that could redirect you to web content that could install Backdoor.Rabasheeta. Because Backdoor.Rabasheeta doesn't show symptoms and places components in several locations, anti-malware software should be used to remove a Backdoor.Rabasheeta infection from your PC safely.

Backdoor.Rabasheeta: the Trojan that Gets You Caught for Crimes that You Didn't Even Commit

As far as its basic capabilities are concerned, Backdoor.Rabasheeta is a standard backdoor Trojan. SpywareRemove.com malware analysts have found that Backdoor.Rabasheeta can allow criminals to control your computer via a remote server (a C&C or Command & Control server). This remote access can be used to steal personal information, delete files, install additional malware or change your system settings in harmful ways. Although Backdoor.Rabasheeta isn't nearly as sophisticated as ZeroAccess rootkits, Zeus and similarly advanced PC threats, a Backdoor.Rabasheeta infection should never be considered anything less than a serious security breach.

In the eyes of SpywareRemove.com malware experts, what makes Backdoor.Rabasheeta remarkable isn't what Backdoor.Rabasheeta has the ability to do, but what its criminal author has chosen to configure Backdoor.Rabasheeta to do. Recent cases of Backdoor.Rabasheeta-infected PCs in Japan have caused innocent PC users to be jailed temporarily due to their affiliation with online death threats. Additional inspection of the computers involved caused the authorities to realize that Backdoor.Rabasheeta was the actual culprit, and Backdoor.Rabasheeta's coder remains at large at this time. Examples of some of the death threats and terrorism-related messages that Backdoor.Rabasheeta may be used to send include:

  • Death threats to preschool classes including politically important members (such as children from Japan's royal family).
  • Threats to engage in mass murder in congested traffic areas (such as subways and train stations).
  • Bombing threats for public airlines.

Keeping the Terror of Backdoor.Rabasheeta out of Your Computer

Current reports put estimated Backdoor.Rabasheeta infections at potentially twenty or more victims. While this distribution is limited, SpywareRemove.com malware analysts also note that Backdoor.Rabasheeta is still being developed and has the potential to use widespread distribution techniques in the future. Due to Backdoor.Rabasheeta's lack of symptoms, use of encryption and varying versions, you should use only up-to-date and accurate anti-malware programs to detect or delete Backdoor.Rabasheeta. Backdoor.Rabasheeta is installed by a separate Trojan dropper that also should be removed with Backdoor.Rabasheeta.

Backdoor.Rabasheeta does have one other somewhat unusual feature: a GUI menu. This simple install/uninstall menu presumably was added for bug-testing purposes, as SpywareRemove.com malware researchers have found that it's disabled by default. Thus, victims of Backdoor.Rabasheeta infections shouldn't expect to see any strong visual signs of Backdoor.Rabasheeta's presence on their PC, other than warnings from anti-malware products.

Technical Details

Additional Information

The following URLs were detected:
life-without-errors.com