Home Malware Programs Backdoors BKDR_LIFTOH.AD


Posted: October 21, 2013

Threat Metric

Ranking: 2,486
Threat Level: 1/10
Infected PCs: 3,117
First Seen: October 21, 2013
Last Seen: June 23, 2022
OS(es) Affected: Windows

BKDR_LIFTOH.AD is a backdoor Trojan with a history of installing high-level PC threats like the multifunctional banking Trojan known as Trojan Zeus. Distribution methods for BKDR_LIFTOH.AD Trojans traditionally use instant messaging and profile spam, but have begun to include e-mail spam, as well – which may be in an effort to target specific institutions or individuals. E-mail messages carrying Trojan droppers for BKDR_LIFTOH.AD attacks have been known to use several disguises, and provide a good case in point for SpywareRemove.com malware experts to encourage scanning all suspicious file attachments before opening them. Once BKDR_LIFTOH.AD is installed, deleting BKDR_LIFTOH.AD always should be your highest priority for the safety of your PC and often requires resorting to strong anti-malware tools.

BKDR_LIFTOH.AD: Lifting the Malware Up that Will Make Your Bank Account Its Own

BKDR_LIFTOH.AD is a multipurpose backdoor Trojan that is used to compromise your PC, enable remote control of it through criminal C&C servers and install other threats (usually ones that are more specialized than BKDR_LIFTOH.AD). BKDR_LIFTOH.AD previously was mostly known for its exploitation of social media websites (such as Facebook) and various instant messaging platforms, using those platforms as means of distributing itself through disguised links from compromised accounts. However, researchers at Trend Micro uncovered an interesting divergence from BKDR_LIFTOH.AD's usual game plan: spam e-mail messages that installed BKDR_LIFTOH.AD.

This installation method is roundabout, but still very typical for unsafe software, as have been noted through previous Trojan-related e-mail campaigns. The e-mail messages are disguised as

Limited inquiries, online purchase confirmations and/or invoices from Denso Manufacturing, all of which are formatted to appeal to British victims especially. Victims who open the included attachment may be attacked by a Trojan dropper, which uses a Microsoft Office vulnerability to install BKDR_LIFTOH.AD.

BKDR_LIFTOH.AD may then install other threats, such as Zeus (spyware that uses sophisticated attacks to steal bank account information and money). BKDR_LIFTOH.AD also allows criminals to have backdoor access to your computer for the purpose of enabling any other attacks.

Keeping Your PC Security Grounded Away from BKDR_LIFTOH.AD

Like most multiple-step attacks, you can defend your computer from BKDR_LIFTOH.AD infections at each step of the way with both appropriate security software and good user behavior. E-mail file attachments usually should be treated as security risks due to the frequency with which they're used to distribute threats like BKDR_LIFTOH.AD, and SpywareRemove.com malware researchers find it worth reminding readers that most reputable companies don't transfer information through such methods in the first place. However, if you do need to open a file attachment that isn't verified as safe, using anti-malware products to scan a potential Trojan installer for BKDR_LIFTOH.AD is the easiest way to detect a threat before your computer is infected.

PC threats often included in BKDR_LIFTOH.AD's payloads are known for stealing highly personal information and using advanced attacks that are difficult to detect by eye. Additional security techniques, such as restarting your computer from an emergency operating system, may be necessary for deleting any other threat installed by BKDR_LIFTOH.AD – not to mention BKDR_LIFTOH.AD, itself.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to BKDR_LIFTOH.AD may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.