Active Threat: Beta Bot

Posted
Home / Blog / Latest Cybersecurity Threats / Active Threat: Beta Bot

Beta Bot is a nasty type of Trojan first discovered in 2013 that infects computers, disables their antivirus and malware scanning software and also prevents users from accessing security – oriented websites. It disguises itself as a MS Windows message box usually titled, ‘User Account Controls’ and asks the user to allow the ‘Windows Command Processor’ to make admin-level changes. Of course it says it is certified and approved by Microsoft.

If the user approves this request Beta Bot then modifies the computer to disable its security software and then steals log-ins, passwords and financial data.

If the user doesn’t approve the request for administrative controls Beta Bot can get more dramatic. Some versions will prompt the user with a “Critical Disk Error” warning which is often scary enough to push the user into giving Beta Bot access.

The most common way users infect their machines with Beta Bot is by clicking on fake links in Skype or by phishing emails that prompt the user to download something like a ‘video player.’ USB drives also have contained Beta Bot.

It is very difficult to uninstall Beta Bot once it is identified on one’s machine – given that it disables malware and anti-virus programs. The US FBI recommends downloading a new, complete antivirus suite to a different, clean computer and then transferring the necessary files to a USB and then loading that on to the infected machine. Once complete, reformat the USB completely. Or throw it out.