Bredolab attacks again

Bredolab, a malicious program which last flooded the net in mid-December, seems to have launched a new offensive, VirusBuster warned. The Hungary-based specialist of computer security is one of the few companies worldwide, whose antivirus engine has been able to identify the new variants.

Less than two months after the last large scale attack, researchers have again reported a massive Bredolab outbreak, with at least one new variant every day over the past week. The malware belongs to the family of "trojans". Trojans are programs, which pretend to serve users, but in fact they are designed to cheat their victims.

As in earlier attacks, Bredolab is again distributed as an e-mail attachment. The message is about fake DHL parcel delivery problems. The e-mails come from a random name, and a spoofed address. The malware load is contained in the attached ZIP file, whose name starts with the string " DHL_Print_Label _".

"The large number of variants has been difficult to deal with for security companies. Few antivirus engines have been able to cope with it. Operating proactively, VirusBuster's software has detected all the versions of the malware", commented Gábor Szappanos, the head of VirusBuster's virus lab.