BKDR_IRCBOT.DAM

BKDR_IRCBOT.DAM is a Trojan that distributes itself in the form of a supposed video clip of Muammar Gaddafi's death. Unlike other Trojans that utilize similar scams like BKDR_EXDEPH.A, BKDR_IRCBOT.DAM doesn't even pretend to offer any real media content once you've opened BKDR_IRCBOT.DAM. Instead of receiving a movie clip, your PC will unwittingly embrace an installation of the backdoor Trojan BKDR_IRCBOT.DAM, a security-reaming Trojan that can be responsible for theft of personal information, the installation of other types of PC threats and even total loss of control over your computer. If you've attempted to view a movie file from an e-mail message and haven't found a movie nestled inside the file, you may need to delete BKDR_IRCBOT.DAM with a dependable anti-malware application before BKDR_IRCBOT.DAM has time to ramp up serious attacks.

BKDR_IRCBOT.DAM – Just One of Many Trojans Making Money Out of Dictatorial Demise

As is also the case with BKDR_EXDEPTH.A and Mal/Behav-103, BKDR_IRCBOT.DAM spreads through the web with a little help from spam e-mail messages. A BKDR_IRCBOT.DAM e-mail can be recognized by appearing in the form of a fake CNN newsletter, although, so far, only Spanish-language versions of this e-mail have been seen. This fraudulent newsletter contains the CNN logo and overall looks believable save for the inclusion of a 'Video-Gadhafi.mpeg.exe' file attachment. Of course, although the e-mail message will claim that this file is a video clip, in reality, it's the backdoor Trojan BKDR_IRCBOT.DAM.

As its name implies, BKDR_IRCBOT.DAM uses IRC server communication to receive files and instructions, and is, at a minimum, capable of the following attacks:

• Bypassing your security-related software and settings to allow itself to have unimpeded network traffic. This can include uploading your private information or downloading malicious files.
• Updating itself to enhance its own features on an automatic basis.
• Installing hostile programs, such as spyware, viruses or fake PC security applications.
• Deleting some of its files after performing hostile actions (to make it difficult to detect or remove a BKDR_IRCBOT.DAM infection).

Letting the Dead and Your PC Rest in Peace from BKDR_IRCBOT.DAM Attacks

SpywareRemove.com malware analysts always recommend that you act hastily to delete any backdoor infection, and that includes deleting BKDR_IRCBOT.DAM as soon as possible. Failure to do this can cause your passwords to be stolen, your accounts to be hijacked, or your PC to be misused for DDoS crimes, as just a few examples of BKDR_IRCBOT.DAM's possible payloads. You should also assume that BKDR_IRCBOT.DAM is active, unless you've used Safe Mode or another method of deactivating BKDR_IRCBOT.DAM; this can cause anti-malware system scans to fail.

Safe Mode, however, can be accessed on any Windows computer and allows your PC to shut down BKDR_IRCBOT.DAM's automatic startup routine with minimal fuss. SpywareRemove.com malware experts also recommend that you update your anti-malware program of choice, if necessary, since this may be critical to identifying all components of a BKDR_IRCBOT.DAM infection. Afterwards, you may wish to double-check your firewall and network settings to make sure that they aren't still set to unsafe values.

Technical Details