Backdoor.Win32.Bredolab

Publication Date 05/30/2016
Class Backdoor
Platform Win32
Description

This malware family was first discovered by researchers in mid-2008. The main purpose of this malware is to download other malicious programs onto the infected computer.

Cybercriminals could manage computers infected with Backdoor.Win32.Bredolab malware by using an administration panel, which could be purchased on hacker forums together with the malware itself.

The malware was used to create the Bredolab botnet, which appeared in mid-2009. According to Dutch police, the botnet included over 30 million “zombie” computers around the world.

Geographical distribution of attacks by the Backdoor.Win32.Bredolab family

Geographical distribution of attacks during the period from 30 May 2015 to 30 May 2016

Top 10 countries with most attacked users (% of total attacks)

Country % of users attacked worldwide*
1 Uzbekistan 23.11
2 Russian Federation 9.04
3 Vietnam 7.03
4 India 7.00
5 USA 7.00
6 Germany 6.74
7 France 2.76
8 Philippines 2.62
9 United Kingdom 2.51
10 Japan 2.22

* Percentage among all unique Kaspersky Lab users worldwide who were attacked by this malware