Home Malware Programs Backdoors BKDR_ANDROM.DA


Posted: March 12, 2013

BKDR_ANDROM.DA is a new variant of the Andromeda Trojan that's been seen most prominently throughout Australia and Turkey (although other countries also have been attacked, albeit to a lesser degree). As an update to old versions of Andromeda, BKDR_ANDROM.DA includes the same basic features that criminals may use to control your PC, steal personal information or install other malware, but also has extra features for evading detection, analysis and removal. SpywareRemove.com malware experts recommend using the most advanced anti-malware software available for deleting BKDR_ANDROM.DA, which is a high-level (and heavily reconfigurable) danger to your PC.

BKDR_ANDROM.DA: the Newest Star-Themed Intruder into Your Computer

While previous examples of Andromeda Trojans like BKDR_ANDROM.NTW, BKDR_ANDROM.P and BDS/Andromeda.EB.6 have been more than credible threats to any Windows computer, BKDR_ANDROM.DA shows that the Andromeda botnet's development is far from finished. This new version of Andromeda has been seen attacking various countries, with Australia being the most widely affected. SpywareRemove.com malware experts have, as usual, connected BKDR_ANDROM.DA's infection vectors to spam e-mail messages that encourage victims to expose their browser to Blackhole Exploit Kit-compromised sites. These attacks install BKDR_ANDROM.DA without your consent by abusing a wide range of software vulnerabilities, some of which may be considered 'zero day' (or not yet corrected by security patches).

BKDR_ANDROM.DA keeps the same module-based structure that previous versions of Andromeda used. This allows any particular BKDR_ANDROM.DA infection to load different modules for different attacks and also lets BKDR_ANDROM.DA to confuse some anti-malware products. SpywareRemove.com malware researchers particularly warn of the following attacks from BKDR_ANDROM.DA:

  • BKDR_ANDROM.DA may spread through USB devices that are shared between a BKDR_ANDROM.DA-infected computer and an uninfected one.
  • BKDR_ANDROM.DA may open network ports without your permission for the purpose of allowing criminals to have backdoor access to your computer.
  • BKDR_ANDROM.DA can install other malware without your consent and also takes steps specifically to make your PC more vulnerable to malware than normal (by abusing features of the Windows Command Shell)
  • BKDR_ANDROM.DA may steal information that's typed on your keyboard via keylogging attacks.
  • BKDR_ANDROM.DA also may monitor online forms (such as those used to store passwords) and steal relevant information that can be used to break into your Web accounts.

Dimming BKDR_ANDROM.DA's Evil Shine on Your PC

Appropriate e-mail precautions can prevent your computer from getting infected by BKDR_ANDROM.DA, and SpywareRemove.com malware researchers urge residents of noticeably-affected countries to take special care with respect to following unusual links, visiting suspicious sites or launching unusual files. BKDR_ANDROM.DA is a high-level threat that can inject malicious code into normal processes, use rootkit techniques to compromise the boot-loading functions of your computer and evade basic anti-malware software.

However, advanced and updated anti-malware products should be able to remove BKDR_ANDROM.DA, which is a well-defined PC threat. Due to BKDR_ANDROM.DA's multiple-component nature and its ability to load different files for different purposes, any system scans for removing BKDR_ANDROM.DA always should be as thorough as possible.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to BKDR_ANDROM.DA may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.