Home Malware Programs Backdoors BKDR_TENPEQ.SM

BKDR_TENPEQ.SM

Posted: August 19, 2013

Threat Metric

Threat Level: 1/10
Infected PCs: 7
First Seen: August 19, 2013
Last Seen: February 7, 2023
OS(es) Affected: Windows

BKDR_TENPEQ.SM is a backdoor Trojan installed by a related spyware program, TSPY_ONLINEG.OMU, in attacks that currently are targeting industries in South Korea. In addition to being designed to grant control of your PC and related networks to a remote attacker, BKDR_TENPEQ.SM also is related to attacks that steal various passwords for gaming applications, amongst other types of information. While, in theory, BKDR_TENPEQ.SM may affect most Windows PCs, its attack campaign largely is centered around South Korea, and PC users from that region should be careful to use anti-malware tools and browser security features to prevent BKDR_TENPEQ.SM infections and remove BKDR_TENPEQ.SM from their computers (along with TSPY_ONLINEG.OMU).

The Backdoor that Comes Along with Greedy Fingers on All Your Passwords

While backdoor Trojans often are the centerpieces of their attack campaigns, BKDR_TENPEQ.SM is structured as just an optional secondary component of TSPY_ONLINEG.OMU, which is evolution of previous versions of TSPY_ONLINEG spyware. The most recent attacks distributing TSPY_ONLINEG.OMU spyware did so through hacks of innocent South Korean websites, which were forced to host drive-by-download exploits that installed TSPY_ONLINEG.OMU on the PCs of any visiting traffic.

TSPY_ONLINEG.OMU is capable of stealing online gaming passwords and related login data. However, the full extent of TSPY_ONLINEG.OMU potential for damage only is revealed if you attempt to navigate to specific website pages related to admin accounts for South Korean companies. Companies in a wide range of industries have been targeted, including those in telecommunications, news media and game development. Once TSPY_ONLINEG.OMU detects any attempted access to these Web pages, it installs BKDR_TENPEQ.SM, and the danger in question broadens out to affecting more than just your gaming accounts.

Why Just Game Accounts Aren't Enough for BKDR_TENPEQ.SM

In an echoing of TSPY_ONLINEG.OMU's functions, BKDR_TENPEQ.SM does include some generic keylogging functions that allow BKDR_TENPEQ.SM to steal any keyboard-typed information from your computer. However, BKDR_TENPEQ.SM's main attacks target the administrator login information of accounts for the aforementioned company websites. These attacks allow BKDR_TENPEQ.SM's criminal partners to gain access to business websites and networks; thus compromising them for the sake of professional espionage or distribution of more malware.

SpywareRemove.com malware experts are unable to link any obvious symptoms to either BKDR_TENPEQ.SM or its fellow spyware TSPY_ONLINEG.OMU. Ultimately, you usually will need anti-malware software to have a chance of detecting or removing BKDR_TENPEQ.SM from your computer. Browser-based protection also should be considered essential given the BKDR_TENPEQ.SM campaign's close association with hacked websites and automated download attacks.

Naturally, any information stored on PCs compromised by BKDR_TENPEQ.SM should be considered potentially leaked. After disinfecting your PC, changing all relevant passwords, user names and related login data is highly encouraged to keep criminals from making additional remote attacks against those specific accounts. As usually is suggested in backdoor Trojan attacks involving industrial targets, you also should keep local network and peripheral device security in mind when removing BKDR_TENPEQ.SM.

Technical Details

Additional Information

The following URL's were detected:
tabzmania.com
Loading...