Analysis by: Jerowin Santillan

 URL BLOCKING DATE/TIME: 16 Aug 2013 08:05:00 AM GMT-8
 CATEGORY: Disease Vector

BKDR_FIDOBOT.A sends successful combinations of usernames and passwords to the C&C server by posting to this URL. This backdoor is used by cybercriminals to brute-force many WordPress blogs via logging into administrator pages. When executed, it connects to a C&C server, where it downloads the list of sites to target and the passwords to use to brute-force it.

Related Malware