WASHINGTON (9/20/13)--A new type of malware known as Beta Bot is targeting financial institutions, e-commerce sites, online payment platforms and social networking sites for fraud purposes, said the Federal Bureau of Investigation's Internet Crime Complaint Center (IC3) Wednesday.
Click for larger view
Cybercriminals use Beta Bot to lock computer users' access to security websites and disable anti-virus programs, which leaves the computers vulnerable to compromise. Then the cybercriminals steal sensitive data such as log-in credentials and financial information, according to the FBI alert.
The infection vectors include an official looking but illegitimate Microsoft Windows message box named "User Account Control" that requests the user's permission to allow the "Windows Command Processor" to modify the user's computer settings. If the user complies, hackers can grab data from the computer.
The alert warned that the malware is also spread via USB thumb drives and online via Skype, where it redirects the user to compromised websites.
Although Beta Bot masquerades as the "User Account Control" message box, it also can make modifications on infected computer. IC3 said that if the pop up box pictured here or a similar prompt appears unsolicited on a computer, do not authorize any changes.
To remedy a Beta Bot infection, run a full system scan with up-to-date anti-virus software on the infected computer. If Beta Bot blocks access to security sites, download the latest anti-virus updates or an entirely new anti-virus program, save it to the USB drive, and loan and run it on the infected computer. Then reformat the USB drive to remove any traces of the malware.