Searching
..

Click anywhere to stop

Worm.Win32.Ngrbot

Detect Date 09/29/2015
Class Worm
Platform Win32
Description

On an infected computer, this malware displays messages that resemble the following ones:

Main reasons:

  • you stupid cracker
  • you stupid cracker…
  • you stupid cracker?!

Then the bot begins to receive commands from the command-and-control IRC server, such as to start a DDoS attack.

These malicious programs can block connections to the servers of anti-virus companies, steal user passwords for various legitimate websites, and intercept messages sent by the user on social networks.

The worm spreads via messages on social networks and Skype, as well as external drives connected to a computer.

Top 10 countries with most attacked users (% of total attacks)

Country % of users attacked worldwide*
1 Russia 29.19
2 India 9.78
3 Vietnam 6.60
4 Mexico 5.45
5 Algeria 3.79
6 Malaysia 3.34
7 Kazakhstan 3.05
8 Indonesia 2.48
9 Sri Lanka 2.41
10 Iran 2.05

* Percentage among all unique Kaspersky users worldwide who were attacked by this malware

Find out the statistics of the threats spreading in your region