BKDR_FIDOBOT.A accesses websites by brute-forcing them with a list of passwords and usernames obtained from this URL. This backdoor is used by cybercriminals to brute-force many WordPress blogs via logging into administrator pages. When executed, it connects to a C&C server, where it downloads the list of sites to target and the passwords to use to brute-force it.