http://melkoe.{BLOCKED}zo.biz/bruteres.php

 Analysis by: Jerowin Santillan

 URL BLOCKING DATE/TIME: 16 Aug 2013 08:05:00 AM GMT-8
 RATING: HIGH
 DOMAIN: melkoe.puzopuzo.biz
 CATEGORY: Disease Vector
 DESCRIPTION:

BKDR_FIDOBOT.A sends successful combinations of usernames and passwords to the C&C server by posting to this URL. This backdoor is used by cybercriminals to brute-force many WordPress blogs via logging into administrator pages. When executed, it connects to a C&C server, where it downloads the list of sites to target and the passwords to use to brute-force it.

Related Malware