June 2010
BitDefender Releases Protection against MBR-Corrupting Backdoor Yonsole
E-threat can prevent OS from starting up
BitDefender has released signatures and a free removal tool to protect its customers against a new piece of backdoor that overwrites the Master Boot Record of the local hard-disk drive, thus preventing Windows from starting up.
Identified by BitDefender as Backdoor.Yonsole, the e-threat was spotted on Saturday, June 19. It comes bundled with various applications, including what appears to be a ⌠critical Microsoft╝ Windows╝ update■. Preliminary analyses revealed the presence of two variants (A and B), which share the same functionality, but differ in the way they subvert Windows services.
After it has successfully infected the host system, the malware installs and registers a backdoor service that allows a remote attacker to pass commands, as well as to initiate a Remote Desktop session. Among the supported commands there is the overwriting of the Master Boot Record (MBR) area of the hard-disk, a behavior that is specific to the notorious worms in the Zimuse family.
Users suspecting that their systems have been compromised are strongly advised to run the removal tool available on Malware City. If the MBR hasn▓t been overwritten yet, the removal tool will clean the system and perform a reboot. BitDefender has updated its signatures to block and delete both variants of Backdoor.Yonsole as of Saturday, which leaves BitDefender customers unaffected by this e-threat.
For more information on Backdoor.Yonsole and for the free removal tool, please visit Malware City
About Bitdefender®
Bitdefender is the creator of one of the world's fastest and most effective lines of internationally certified internet security software.Since 2001, the company has been an industry pioneer, introducing and developing award-winning protection. Today, Bitdefender technology secures the digital experience of around 400 million home and corporate users across the globe.
Recently, the company has won a range of key independent recommendations in the US, UK and across Europe, including ConsumerSearch, Which?, Stiftung Warentest and Taenk. Bitdefender antivirus technology has also finished top in leading industry tests from both AV Test and AV-Comparatives. More information about Bitdefender's antivirus products is available from the company's security solutions press room. Additionally, Bitdefender publishes Malware City providing the latest updates on security threats and helping users stay informed in the everyday battle against malware.