BitDefender Releases Protection against MBR-Corrupting Backdoor Yonsole

Jun 22nd, 2010 | Category: BitDefender

BitDefender has released signatures and a free removal tool to protect its customers against a new piece of backdoor that overwrites the Master Boot Record of the local hard-disk drive, thus preventing Windows from starting up.

Identified by BitDefender as Backdoor.Yonsole, the e-threat was spotted on Saturday, June 19. It comes bundled with various applications, including what appears to be a “critical Microsoft® Windows® update”. Preliminary analyses revealed the presence of two variants (A and B), which share the same functionality, but differ in the way they subvert Windows services.

After it has successfully infected the host system, the malware installs and registers a backdoor service that allows a remote attacker to pass commands, as well as to initiate a Remote Desktop session. Among the supported commands there is the overwriting of the Master Boot Record (MBR) area of the hard-disk, a behavior that is specific to the notorious worms in the Zimuse family.

Users suspecting that their systems have been compromised are strongly advised to run the removal tool available on Malware City. If the MBR hasn’t been overwritten yet, the removal tool will clean the system and perform a reboot. BitDefender has updated its signatures to block and delete both variants of Backdoor.Yonsole as of Saturday, which leaves BitDefender customers unaffected by this e-threat.

For more information on Backdoor.Yonsole and for the free removal tool, please visit Malware City

About BitDefender®
BitDefender is the creator of one of the industry’s fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention. Every day, BitDefender protects tens of millions of home and corporate users across the globe – giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products are available at the company’s security solutions press room. Additionally, BitDefender’s www.malwarecity.com provides background and the latest updates on security threats helping users stay informed in the everyday battle against malware.

Share and Enjoy:
  • Twitter
  • Facebook
  • Reddit
  • Digg
  • del.icio.us
  • Google Bookmarks
  • StumbleUpon
  • MySpace
  • Yahoo! Bookmarks
  • Print
  • RSS
  • Add to favorites

Related Posts

  1. New Trojan Opens Backdoor to Any System Running Visual Basic.NET
  2. BitDefender Announces Availability of Beta 2 for BitDefender Total Security
  3. Trojan Gets Into Android Groove
  4. BitDefender Total Security 2010 Receives Top Score from PC Security Labs Total Protection Test
  5. BitDefender Finds Exposed Social Media Credentials Often Provide Access to Email Accounts
Tags: ,

Leave a Comment