Home Malware Programs Backdoors BKDR_DLDR.A


Posted: November 29, 2012

Threat Metric

Threat Level: 2/10
Infected PCs: 49
First Seen: November 29, 2012
OS(es) Affected: Windows

BKDR_DLDR.A is a backdoor Trojan that is included in a spam malware campaign related to Hurricane Sandy. The specific attack which is used to spread TROJ_ARTIEF.SDY to victimized computers affects NATO's Special Operations Headquarters (NSHQ). The unsolicited email has the subject 'Did Global Warming Contribute to Hurricane Sandy's Devastation' and carries a .DOC file with the same title. Cybercriminals behind this scam seem to have used the title of a recent New York Times blog post about Hurricane Sandy. The infectious file attachment, found as TROJ_ARTIEF.SDY, exploits the RTF Stack Buffer Overflow Vulnerability (CVE-2010-3333) which was addressed by Microsoft in November 2010 in MS10-087 to drop the backdoor BKDR_DLDR.A. BKDR_DLDR.A connects to its command-and-control (C&C) server to send and receive commands from remote attackers. Some of the commands that BKDR_DLDR.A can execute involve downloading, copying, modifying, creating files and folders, stealing file information, and acquiring time zone information among others. BKDR_DLDR.A is an Enfal/Lurid variant.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to BKDR_DLDR.A may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.