W32/AutoRun.BBC!worm
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 1,088 |
Threat Level: | 20 % (Normal) |
Infected Computers: | 14,368 |
First Seen: | November 12, 2012 |
Last Seen: | September 20, 2023 |
OS(es) Affected: | Windows |
The W32/AutoRun.BBC!worm malware infection is a worm that also has characteristics of a computer virus. The W32/AutoRun.BBC!worm is created to spread from one computer to another. In the case of W32/AutoRun.BBC!worm, this malware infection includes a keylogger component that records all keystrokes on the infected computer's keyboard, saves them to a file, and then sends it to a third party. W32/AutoRun.BBC!worm typically spreads from one infected computer to another and, initially, from email spam messages containing malicious file attachments or embedded links. Other sources for a W32/AutoRun.BBC!worm infection include an infected external memory device and attack websites designed specifically to install W32/AutoRun.BBC!worm on visitors' computers.
Once the W32/AutoRun.BBC!worm manages to breach the infected computer's security (by using social engineering tactics to have the victim open its executable file or by running automatically from an infected external drive), the W32/AutoRun.BBC!worm will copy itself to the victim's system directory and create an OCX file named 'oracle' which remains hidden and is where W32/AutoRun.BBC!worm will store its stolen data. W32/AutoRun.BBC!worm also makes changes to the Windows Registry to ensure that W32/AutoRun.BBC!worm runs automatically when the infected computer starts up. Once W32/AutoRun.BBC!worm has done this, W32/AutoRun.BBC!worm creates a backdoor into the infected computer by making changes to the Windows Firewall. Using this backdoor, criminals can communicate with the W32/AutoRun.BBC!worm, send W32/AutoRun.BBC!worm instructions and retrieve stolen data from the infected computer. As part of its attack, the W32/AutoRun.BBC!worm also disables System Restore, Windows Error Reporting and User Access Control alerts in order to make it more difficult for the victim to detect its presence or deal with the aftermath of a W32/AutoRun.BBC!worm infection.
As the holiday season approaches, PC security researchers have observed spam email campaigns that take advantage of this fact. The W32/AutoRun.BBC!worm has been detected in spam email messages that trick computer users into believing that they have received an electronic greeting card. These malicious email messages look highly authentic and often include a flash animation that instructs the recipient to open an attached ZIP file in order to view their 'Christmas Card'. However, opening this file attachment actually installs the W32/AutoRun.BBC!worm on the victim's computer. Another spam email campaign associated with the W32/AutoRun.BBC!worm offers holiday deals on popular gift ideas and includes embedded links that supposedly lead to these special sales. Actually, these links lead to attack websites that attempt to install W32/AutoRun.BBC!worm on the victim's computer.
File System Details
# | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|
1. | Christmas Card.zip |
URLs
W32/AutoRun.BBC!worm may call the following URLs:
hisurnhuh.com |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.