http://melkoe.{BLOCKED}zo.biz/cmd.php

 Analysis by: Jerowin Santillan

 URL BLOCKING DATE/TIME: 16 Aug 2013 08:05:00 AM GMT-8
 RATING: HIGH
 DOMAIN: melkoe.puzopuzo.biz
 CATEGORY: Disease Vector
 DESCRIPTION:

BKDR_FIDOBOT.A accesses websites by brute-forcing them with a list of passwords and usernames obtained from this URL. This backdoor is used by cybercriminals to brute-force many WordPress blogs via logging into administrator pages. When executed, it connects to a C&C server, where it downloads the list of sites to target and the passwords to use to brute-force it.

Related Malware