BKDR_SEDNIT.SM

Posted: October 9, 2013

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Ranking:	5,846
Threat Level:	1/10
Infected PCs:	5,164

First Seen:	October 9, 2013
Last Seen:	October 10, 2023
OS(es) Affected:	Windows

BKDR_SEDNIT.SM is a backdoor Trojan and spyware program that lets criminals access your computer and steal confidential information. While BKDR_SEDNIT.SM can be distributed in multiple ways, the latest BKDR_SEDNIT.SM attacks as confirmed by Trend Micro have been noted to use fraudulent e-mail messages themed after the 2013 APEC (Asia-Pacific Economic Cooperation) summit. BKDR_SEDNIT.SM currently is in low distribution but has the potential to be a high-level PC threat, and SpywareRemove.com malware researchers recommend rigorous use of competent anti-malware tools to detect or delete BKDR_SEDNIT.SM, which shows no symptoms during its infection.

From Passing Interests in Global Journalism to Spyware Attacks

BKDR_SEDNIT.SM is a multi-purpose Trojan intended to fulfill several general roles that dismantle the security and privacy of the infected PC. Despite its potential for a high degree of damage, BKDR_SEDNIT.SM currently is in limited distribution. However, that may change as of its latest attack, which transports a Trojan dropper for BKDR_SEDNIT.SM via spam e-mail messages that are believed to be targeting institutions and individuals with reasons to be interested in the latest summit for Asia-Pacific Economic Cooperation. As usual, these e-mail messages disguise their nature by claiming to provide legitimate articles and even may display normal documents to distract their victims from the installation of BKDR_SEDNIT.SM.

Although the Trojan dropper installing BKDR_SEDNIT.SM deletes itself to conceal the proof of the attack, BKDR_SEDNIT.SM will remain on your computer and indulge in several highly invasive attacks. Malware researchers have outlined the most important of BKDR_SEDNIT.SM's functions as shown below:

Backdoor connections that allow criminals to access your computer.
The potential download and installation of additional types of unreliable software.
Keylogging attacks that record your typing to a log file that's transferred to criminals through the aforementioned backdoor connection.

Like any 'good' Trojan, BKDR_SEDNIT.SM enacts these attacks without any corresponding symptoms or visual cues that would make the victim suspicious.

Keeping Sednit from Sniffing out Your Intel

One notable feature of BKDR_SEDNIT.SM's newest attack is that BKDR_SEDNIT.SM utilizes a software vulnerability from Microsoft Office. This vulnerability recently was patched, providing SpywareRemove.com malware research team with yet another example of why keeping all of your programs always updated is essential for the safety of your machine. However, such vulnerabilities often are rotated on a semi-regular basis, and future BKDR_SEDNIT.SM attacks may use different forms of old exploits or even new ones that have yet to be patched.

Removing BKDR_SEDNIT.SM or similar spyware programs almost always necessitates using dedicated anti-malware software as a natural consequence of spyware tending to use advanced methods to hide their files and system changes. Unless you have professional training in PC security, you shouldn't anticipate being able to detect BKDR_SEDNIT.SM's files, processes or settings changes directly, even while BKDR_SEDNIT.SM is busily stealing anything that you type on your keyboard.

BKDR_SEDNIT.SM

Threat Metric

From Passing Interests in Global Journalism to Spyware Attacks

Keeping Sednit from Sniffing out Your Intel

Leave a Reply