
BDS/Andromeda.EB.6

Posted: November 22, 2012

Threat Metric

Threat Level: 8/10
Infected PCs: 26
First Seen: November 25, 2012
Last Seen: September 21, 2020
OS(es) Affected: Windows

BDS/Andromeda.EB.6 is a backdoor trojan that distributes itself to new PCs through fake Booking.com e-mails and may also spread through removable drives (such as USB thumb drives). Because SpywareRemove.com malware experts have confirmed that BDS/Andromeda.EB.6 includes security-disabling features that could allow criminals to control your computer, you should respond to any potential BDS/Andromeda.EB.6 infection with all due haste and use an updated anti-malware program to remove BDS/Andromeda.EB.6 safely. Meanwhile, deleting spam e-mails carrying BDS/Andromeda.EB.6 and staying security-conscious when using removable drives are your best defenses against getting a BDS/Andromeda.EB.6 infection in the first place.

Booking Passage to Big Trouble with BDS/Andromeda.EB.6

BDS/Andromeda.EB.6's main method of infecting a new computer is through e-mail spam. Recent BDS/Andromeda.EB.6-related spam attacks have pretended to be notifications from Booking.com about electronic room reservations, although they should be noticeable as fraudulent due to their request to open a file attachment. These e-mail messages use a rotation of different subject headers and forge their sender addresses to look legitimate.

The file attachment (a ZIP archive) includes an installer EXE for BDS/Andromeda.EB.6. Once you launch this file, your computer will be compromised by BDS/Andromeda.EB.6, which may also be detected under other aliases, such as Worm:Win32/Gamarue.I, Trojan-Dropper:W32/Agent.DUER, Backdoor.Win32.Androm.gi, Win32/TrojanDownloader.Wauchos.A, W32/Falab.J5.gen!Eldorado and Trojan.Generic.KDV.704509.

Because BDS/Andromeda.EB.6 is newly identified, some anti-malware vendors have yet to develop a definition for BDS/Andromeda.EB.6. As a precaution, SpywareRemove.com malware experts recommend that you update your anti-malware programs whenever you're trying to isolate and delete BDS/Andromeda.EB.6.

Don't End Up Under BDS/Andromeda.EB.6's Bad Star

BDS/Andromeda.EB.6 includes features that, while typical for backdoor trojans, nonetheless are capable of endangering your PC in meaningful ways. Attacks by BDS/Andromeda.EB.6 that SpywareRemove.com malware experts have highlighted include:

  • BDS/Andromeda.EB.6 makes contact with a C&C server after its installation, which can allow criminals to instruct BDS/Andromeda.EB.6 in additional attacks.
  • BDS/Andromeda.EB.6 may install other malware without your consent.
  • BDS/Andromeda.EB.6 runs whenever Windows starts (due to basic Registry-based exploits).
  • BDS/Andromeda.EB.6 may inject its code into unrelated Windows processes (to conceal itself and prevent its deletion).

Taken as a whole, these attacks can let BDS/Andromeda.EB.6 grant control of your computer to criminals, subject your computer to a range of attacks (from browser redirects to fake pop-up alerts and other possibilities), reduce your computer's security settings or steal confidential information. The SpywareRemove.com malware research team recommends that you consider BDS/Andromeda.EB.6 a potential high-level threat and use anti-malware scans to remove BDS/Andromeda.EB.6 in any circumstances where you think BDS/Andromeda.EB.6 might be on your computer.

Since BDS/Andromeda.EB.6 may also infect removable drives, removable drives shouldn't be shared without first being disinfected. Failing to do so can allow BDS/Andromeda.EB.6 to install itself on any computer that uses an infected device – without any other actions required on the part of the PC's user.
