Blog

Rahul Thadani
HelloBridge Trojan Misuses Panic Created by Heartbleed
May 5, 2014

While the Heartbleed security bug affected thousands of web services worldwide and exposed millions of passwords online, the hype around the bug has subsided over the last couple of weeks. It is still not known how many people have actually heeded the warnings and changed their passwords. However, most major online services have rectified the problem from their server end.

bleeding-heart

OpenSSL technology was compromised as a result of Heartbleed, and any service provider that was using this technology has either shifted from the same or upgraded to another platform. In fact, major technology companies like Google, Microsoft, Facebook and others have significantly contributed in monetary terms, towards the improvement of this platform since then.

Nonetheless, there are several scammers and nefarious parties that are taking advantage of the panic and the false news stories that accompany security threats of this scale. This is something we had thought would happen, and the HelloBridge Trojan seems to be one of many such threats that are aiming to take advantage of the situation.

What is HelloBridge and how does it work?

HelloBridge is the tip of the iceberg of a new attack campaign that fools people into downloading an innocent looking program. The bait that is offered here is a fake Heartbleed vulnerability detection tool that people are lured into installing. Showing a user a prominent and panic-inducing message is not a hard task, so it becomes simple to get someone to download this Trojan.

A simple message like “Check if your PC is infected by Heartbleed” will be more than enough to trick several people into clicking on this link and installing a fake program that deploys malware into the user’s system. So far, this threat seems to be originating from Southeast Asia, but we expect that other similar threats may also arise soon enough.

Once installed on a system, HelloBridge opens a backdoor that allows other malicious files to enter. It constantly exchanges data back and forth with a remote command and control server, and also leaks confidential data from the system. Needless to say, once this Trojan has entered a system, several other issues start cropping up.

Tips to remember to avoid such Trojans

While we cannot prevent each and every person who clicks on such a link, we can offer the following tips to keep in mind about Heartbleed and such fake programs.

germ-158107_1280

  1. Never click on suspicious looking popup ads and messages like this.
  2. Always download programs from trusted sources.
  3. Stay aware about security threats like Heartbleed. It does not affect individual PCs so there is no chance that your system will need a tool to detect its vulnerability and remove it.
  4. Change your passwords if you are using any of these web services.
  5. Always have an effective, reputable and updated antivirus suite installed on your PC.

With the right information and awareness, Trojans like HelloBridge can be avoided and rendered useless. We strongly advise all our readers to stay abreast with the latest developments in the IT and security world, especially when such far-reaching security outbreaks occur. In cases like this, prevention is always better than cure.

Have something to add to this story? Share it in the comments.

Rahul Thadani
About Rahul Thadani
Rahul is a web enthusiast and blogger, and has been writing about the computer security industry for the last three years. Following the latest technology trends,...
Articles by Rahul Thadani »

119 Comments

Your email address will not be published.

CAPTCHA Image

  1. Asish BishoiMay 5, 2014 at 4:24 PM

    I just thank Quick Heal for giving updates about any security threat.More importantly,I quite appreciate about the information about Heartbleed.Thanks .Looking for more updates.

    Reply
  2. ARVIND KUMARMay 5, 2014 at 5:24 PM

    Hi ,
    For past one month daily my notebook get hang and i tried to shut down i recive this message “ONLINENT.EXE is previnting to shiut down” can you please resolve my problem.

    Arvind

    Reply
  3. Virus / Malware may kindly be removed from my computer.

    Reply
  4. sameer landeMay 5, 2014 at 7:31 PM

    help

    Reply
  5. RAJESH KUMAR VISHWAKARMAMay 5, 2014 at 8:44 PM

    I just thank Quick Heal for giving updates about any security threat.More importantly,I quite appreciate about the information about Heartbleed. Thanks .Looking for more updates.

    Reply
    • Hi Rajesh,

      Thank you for those kind words of appreciation. For regular news and updates from Quick Heal labs, you can subscribe to our official blog. Simply provide your email address in the “Stay Updated” section, and follow instructions.

      Regards,

      Reply
  6. Dr C B Singh, Porfessor of BotanyMay 5, 2014 at 8:53 PM

    Thank you Quick Heal. Please continue giving relevant check points and efficient remedies against such things, developed by spoiled brains. I call them ‘Intelligent duffers’.

    Reply
    • Hello Dr C B Singh,

      Thank you for the appreciation. For regular news, alerts, and updates from Quick Heal labs, you can subscribe to our official blog. Simply provide your email address in the “Stay Updated” section, click Subscribe Now, and follow instructions.

      Regards,

      Reply
  7. Amit KumarMay 5, 2014 at 9:37 PM

    My XOLO Q2000 phone is affected by ‘Malware’ in system directory, present quick heal total security is unable to detect, please provide solution.

    Amit

    Reply
  8. sanjeeb dasMay 5, 2014 at 11:17 PM

    Txs 4 healing so quickly

    Reply
  9. satish TrivediMay 6, 2014 at 12:34 AM

    I just thank Quick Heal for giving updates about any security threat.More importantly,I quite appreciate about the information about Heartbleed.Thanks .Looking for more updates.

    Reply
  10. Amit Kumar BeheraMay 6, 2014 at 1:58 AM

    Many Many Thanks to Quick Heal for giving it’s user to the upcoming and latest computer threats and ways to solve them and also tricks to aside them. Thanks for looking for more updated threats

    Reply
  11. QHill is best.

    Reply
  12. Abhishek KeshriMay 6, 2014 at 10:51 AM

    I m curious and wish to know about some symtom/pattern that might provide an idea our system has been attacked by Heartbleed Trojan virus

    Reply
    • Hi Abhishek,

      The consequence of the Heartbleed bug is that several usernames and passwords of users can be accessed and viewed by malicious parties. For the HelloBridge Trojan, some common symptoms are the machine slowing down, Internet bandwidth getting eaten up, suspicious files appearing in the system and strange behavior of the PC. Moreover, if you remember that you recently saw a message about a Heartbleed virus detection tool and clicked on it, then you may have contracted HelloBridge or another version of this Trojan.

      Best regards.

      Reply
      • Keyurbhushan VermaMay 15, 2014 at 6:02 PM

        dear sir,
        i am trying to uninstall quickheal pro 2014 or useing other function but i found “enter password” please help me sir

        Reply
        • Hi Keyurbhushan,

          To resolve this issue can you contact our support center on 0-927-22-33-000. Or submit a ticket by visiting this link -> http://www.quickheal.com/submitticket.asp. They will help you find a solution for this.

          Best regards.

          Reply
        • DESKTOP SUPPORT ENGINEERMay 19, 2014 at 10:47 AM

          Hello Keyurbushan verma ji,
          if you trying to unintall Quick-heal Pro 2014 you will download to ramoval tools for Quickheal Antivirus and Run to your system then completly remove to Quick-heal Antivirus on your system so trying to it.

          Reply
  13. Sk.Mostafizur RahamanMay 6, 2014 at 1:38 PM

    Many Many Thanks to Quick Heal for giving it’s user to the upcoming and latest computer threats and ways to solve them and also tricks to aside them. Thanks for looking for more updated threats.And also thanking you for help me.

    Reply
  14. SPS BindraMay 6, 2014 at 2:14 PM

    You are giving us very detailed information about current malware, hackers, attempts to take control of host PCs and sharing with us the measures required at our end like changing of passwords in case of Heartbleed threat. Now you have advised us to download only from trusted sites and beware from suspicious looking pop ups.

    Thanks a lot.

    Reply
  15. deepak kumarMay 6, 2014 at 2:54 PM

    please aware me time to time that i make mistakes while using net

    Reply
  16. ParichayMay 6, 2014 at 3:20 PM

    Wao! Being online is really scary!! But my quick heal is protecting me upto 2016..so no biggies :3

    Reply
  17. BUBAI PRAMANIKMay 6, 2014 at 5:16 PM

    QUICK HILL IS A SUPER ANTI VIOURS SOFT.WHICH IS PROTECT MY PC AND PHONE.

    Reply
  18. Amar KakadMay 6, 2014 at 6:54 PM

    Thanks Quick Heal for the updates and guidelines to avoid silly mistake which in fact may be harmful.
    Thanks for the sharing that the Heartbleed does not affects a standalone PC.

    Please keep updating and educating..

    Reply
  19. Amar KakadMay 6, 2014 at 7:00 PM

    Hi Rahul,

    Can the Heartbleed affect a smart phone (Galaxy Core).
    If yes, then What’s the solution.?

    Please reply.

    Regards,
    Amar Kakad.

    Reply
    • Hi Amar,

      Heartbleed is a security bug that does not affect individual PCs or smartphones. It affects the service provider of web services like Facebook, Google etc. So your smartphone is immune from Heartbleed. However, anyone who uses these services is vulnerable to Heartbleed, and should change all passwords with immediate effect.

      Best regards.

      Reply
  20. Quick heal is nice anti virus . in my computer upto 2015 april 02

    Reply
  21. TODAY THIS ADDED TO GREAT SERVICE OF QUICK HEAL !

    Reply
  22. Abdul RahmanMay 7, 2014 at 12:49 AM

    2016 next really scary

    Reply
  23. Bineet kumar karnaMay 7, 2014 at 6:29 AM

    thanks quick heal save my all programme.

    Reply
  24. one virus attacked my pan drive the whole data hide but memory used. After opened pen drive no data display. I have scanned from Total security of my pan drive but no virus found there. Why?
    Else I am sure this issue. After format of pen drive the device is blanked & no data remain.I think total security not working properly or fraud (roumers nonsense ” antivirus” etc)

    Reply
  25. Kisholoy GuptaMay 7, 2014 at 9:09 AM

    THANKS FOR INFORMATION.

    I GET USELESS SALES POPUP HOW DO I STOP POPUP.

    Reply
    • Hi Kisholoy,

      In order to prevent sales popups from appearing on your machine while you are surfing the web, you are requested to activate the popup blocker that will be available with your web browser. All web browsers will have this feature accessible.

      Best regards.

      Reply
  26. Many many thanks to quick heal for giving updates for many security threat.looking for more update thanks a lot

    Reply
  27. Shashank RustagiMay 7, 2014 at 1:02 PM

    I am a proud user of Quick Heal since last 4 years
    It is a universal truth that there service and total security is great and no my pc at all
    I thank QHTS for giving me such a worderful antivirus

    Reply
  28. Dear sir,

    Quick heal internet security 15.00 is not Downloading Updates when click on UPDATE NOW. BUTTON

    Reply
  29. Sumin K SudhiMay 8, 2014 at 9:01 AM

    Thanks for the update

    Reply
  30. patil karthikMay 8, 2014 at 10:31 AM

    THANK YOU QUICK HEAL ….A BEST SOFTWARE FOR ANDROID MOBILES………….

    Reply
  31. Ankan Kr. KoleyMay 8, 2014 at 11:07 AM

    I’m using Reliance 3G Connection With Micromax 3G Modem. When I tried to connect to 3G,I had to turn off the firewall.Only at the time of Updating Database it establishes 3G connection,Otherwise its transferred to 2G connection. Please help me.

    Reply
  32. David MakwecheroMay 8, 2014 at 5:18 PM

    hie

    l want to update my Antivirus but the system is now saying DEFINITIONS FILES NOT FOUND. How do l go about this? Please help.

    Reply
  33. Dr Anil ShuklaMay 9, 2014 at 12:35 PM

    Thanks for the update..
    Please keep updating in future, too,..

    Reply
  34. kamal kantMay 9, 2014 at 12:51 PM

    i always use system when quick heal is update so there is no harm is yes then give tip

    Reply
  35. sanjivanMay 9, 2014 at 5:30 PM

    thank quick heal save my all programme

    Reply
  36. Rajesh KumarMay 10, 2014 at 4:23 AM

    thank you

    Reply
  37. nishi agarwalMay 10, 2014 at 10:15 AM

    What is this product key ….??? As I want to register for quick heal but it is demanding for a product key ?? What is it?? Please let me know

    Reply
    • Hi Nishi,

      A product key is nothing but an activation code that you receive upon purchasing a Quick Heal product. Can you specify further which product it is you are interested in?

      Best regards.

      Reply
  38. Amit MukhiMay 10, 2014 at 12:17 PM

    I AM USING TATA PHOTON WHIZ MODEM IN 2G CONNECTION. I HAD INSTALLED GUARDIAN SECURITY. BUT, MY DESKTOP P.C. IS NOT UPDATING SUCCESSFULLY. PLEASE, HELP ME.

    Reply
  39. i have a toolbar named websuave to my browser. while uninstalling it is again and again integrating into my browser.2 times while uninstalling,quickheal mentioned that system is effected by malware. But antimalware scanning shows my system is clean. how to remove that malware from my system?

    Reply
    • Hi Srinivas,

      You should open your PCs Control Panel and look for a program by the name of Websuave there. If found, you should uninstall this program from there. Also go to the web browser that you use and open the settings and remove any plugin or extension by that name. If this doesn’t help, you can reach our support center on 0-927-22-33-000. Or you can even submit a ticket by visiting this link -> http://www.quickheal.com/submitticket.asp.

      Best regards.

      Reply
  40. When I am opening the quickHeal icon, an error message is coming. It reads as follows:

    SCANNER.EXE – Application Error. The instruction at 0x014f00a5 referenced memory at 0x032f7c78. The memory could not be written. click on OK to terminate the programme.

    After clicking OK, the QHeal screen is getting closed. I have renewed the QHeal license online in April 2014. please help to solve this problem.

    thanks.

    Reply
  41. pankaj kumarMay 11, 2014 at 3:55 PM

    hello bridge trojan misuses panic create msg please help me

    Reply
  42. from some days my Quick Heal is blocking two sites. which automatically try to access the page. i tried to find that hidden program but can’t. ca u tell me to find that program which trying to access that website

    Reply
  43. Thankyou quickheal for your useful info

    Reply
  44. surendra patelMay 12, 2014 at 8:41 PM

    Thankyou quickheal for your useful info

    Reply
  45. thanks

    Reply
  46. Raktim DeyMay 13, 2014 at 11:36 AM

    Thank you very much Quickheal for the update.

    Reply
  47. Tejas kaleMay 13, 2014 at 10:15 PM

    hey, while updating my quickheal its showing that some files are currepted.
    if u try another time it gets started and stops in between, anf if u try another time its showing that “HelloBridge Trojan Misuses Panic Created by Heartbleed”. so what should i do??

    Reply
  48. Tarique AnwarMay 14, 2014 at 2:03 PM

    Thanx Quick Heal for giving me such a useful information.

    Reply
  49. bharat patilMay 14, 2014 at 4:41 PM

    quick heal 2014 total security install but after install qh internet down & qh remove internet working what is prob

    Reply
  50. suresh menonMay 14, 2014 at 11:16 PM

    why am not getting the update from Quick heal?

    Reply
  51. If possible, pl share this information as well as other information related to virus detection, removal in pdf file so that we can distribute the same to users.

    Thank You.

    Reply
    • Hello Sandeep,

      Can you please specify if you are using Quick Heal in your organization? A little more clarity about your users will help us provide you with this information.

      Thanks.

      Reply
  52. Minakshi AggarwaMay 15, 2014 at 11:48 AM

    Thanks for the valuable information. I will definitely look forward for more!!

    Reply
  53. digeshwerMay 15, 2014 at 3:19 PM

    thanks

    Reply
  54. aman bansalMay 15, 2014 at 10:39 PM

    My guardian antivirus is not updating when I am providing an internet
    connection so please tell me a solution how to update the antivirus.

    Reply
  55. deepu kumarMay 16, 2014 at 9:46 PM

    Thanks………..Quick heal
    My best & fevorits quick heal . it’s protected my pc & my mobile

    Reply
  56. SIR,MY ANTIVIRUS IS TAKE MORE TIME TO UPDATE BUT MY INTERNET IS WORK FASTLY ,WHY?

    Reply
    • Hi Abhishek,

      Is this something that happens everyday? Or has it only happened once in a while? If there is too much of a gap between the update periods, then it would take longer as there is more data to update.

      Regards.

      Reply
  57. I need your help on two issues please .
    1.Firstly my laptop has begun to hang and after no amount of waiting does it become active again . I am then forced to switch it off using the power button.
    2.A few days back I received a message re: updating Skype – on downloading the file the publisher’s name was shown as KawaqaSoft . Today the same publisher is offering an update for Adobe Reader. I googled the name only to find no match for the same.
    What should I do ?
    Regards !

    Reply
    • Hi Satish,

      It seems some form of malware may have entered your system. Firstly, you must remove all the programs like Skype mentioned above, which may be the cause of this issue. Secondly, you must carry out a full system scan with Quick Heal. If the issue still persists, you need to contact our support center on 0-927-22-33-000. Or submit a ticket by visiting this link -> http://www.quickheal.com/submitticket.asp. Our support team will help you immediately resolve this issue.

      Best regards.

      Reply
  58. Sanjeev choudharyMay 17, 2014 at 1:59 PM

    hi Rahul
    windows xp continuous restart problem then quick heal 2014 total security remove resolve it .what is problem and why quick heal not resolve this issue

    Reply
  59. HI,
    MY QUICK HEAL TOTAL SECURITY 2013 WILL EXPIRE AFTER FEW DAYS. MAY YOU HELP ME, HOW DO I UPDATE OR PURCHASE IT AGAIN…SHOULD I DO IT ONLINE. IF YES, THEN FROM WHERE OR MAY I CONTACT THE CENTER WHERE I PREVIOUSLY PURCHASED IT.
    THANK YOU,
    WITH REGARDS…

    Reply
  60. Naveen kumarMay 17, 2014 at 11:09 PM

    I have installed quick heal total security on 25.02.2014. Recently virus got attack on my laptop and it disable my laptop from internet connection and also quick heal security system disable from all mode, the message coming on the quick heal blug is HelloBridge Trojan Misuses Panic Created by Heartbleed. Finally i uninstalled quick heal and then connect the internet but i don’t install quick heal in my laptop properly. What do i do ?

    Reply
  61. Heera LalMay 18, 2014 at 2:25 AM

    Hi
    is it require to full system scam on weekly basis
    or not
    Quick Heal Internet security can detect thereat without scan.

    Reply
    • Hi Heera,

      It is advisable that you carry out a full system scan 2 times a month. On the other hand, if you feel your PC is performing sluggishly and could be the victim of a malware attack, then you should carry out a full system scan immediately.

      Regards.

      Reply
  62. i want to mobile scan on quick heal
    tell me how to do

    Reply
  63. arun kumarMay 18, 2014 at 5:03 PM

    i am using quick heal antivirus even though my laptop showing hanging problem.
    my laptop is sony vio 4 GB RAM 500 HD AND I3 PROCESSOR.
    PLEASE HELP ME

    Reply
  64. Quickheal is best antivirus

    Reply
  65. Dear sir’
    How can i remove virus from my phone.
    Quice heal shows that internal software has virus and he has no permission.
    Please solve my problem.

    Reply
  66. Is it possible that my Mac is affected by HelloBridge..??
    If yes then what are d ways to diagnose and how should I prevent it…???

    Reply
    • Hi Sandesh,

      Chances of your Mac being affected by HelloBridge are very slim. Did you by any chance download a program or software that claimed to remove Heartbleed from your computer?

      Regards.

      Reply
  67. please help me, i am unable to update my Quick Heal Total Security, many time tried to update but unfortunately its not complete. plz give me a proper suggestion for this problem.

    and what is HelloBridge Trojan Misuses Panic Created by Heartbleed.

    Reply
  68. I am unable to install updates…….. the quick update task does not complete the process………. please help!!!

    Reply
  69. It says “Unable to complete the download process due to Internet Connection disconnected by remote side. Please check your Internet Connection and run Quick Update to update your Guardian” while my internet connection is still on…………. What to do???

    Reply
  70. A.SRINIVASAN:June 10, 2014 at 9:48 AM

    Udara_Video this is new virus. How remove this virus

    Reply
  71. vishal singhJuly 13, 2014 at 11:56 AM

    my computer shut down automatically.and on restarting it suggested me to go online and check for solution

    Reply
  72. Abdul RaziqueJuly 22, 2014 at 7:21 PM

    I have facing problem to update my quick heal internet security from 18th July. it after sixty percent update deny to access. kindly help me.

    Reply
  73. Saranjeet SinghAugust 3, 2014 at 8:32 PM

    my Quick Heal total security is not being updated since 06 Jun 2014. My licence is valid till May 2015. Can you help me ?

    Reply