HelloBridge Trojan Misuses Panic Created by Heartbleed
While the Heartbleed security bug affected thousands of web services worldwide and exposed millions of passwords online, the hype around the bug has subsided over the last couple of weeks. It is still not known how many people have actually heeded the warnings and changed their passwords. However, most major online services have rectified the problem from their server end.
OpenSSL technology was compromised as a result of Heartbleed, and any service provider that was using this technology has either shifted from the same or upgraded to another platform. In fact, major technology companies like Google, Microsoft, Facebook and others have significantly contributed in monetary terms, towards the improvement of this platform since then.
Nonetheless, there are several scammers and nefarious parties that are taking advantage of the panic and the false news stories that accompany security threats of this scale. This is something we had thought would happen, and the HelloBridge Trojan seems to be one of many such threats that are aiming to take advantage of the situation.
What is HelloBridge and how does it work?
HelloBridge is the tip of the iceberg of a new attack campaign that fools people into downloading an innocent looking program. The bait that is offered here is a fake Heartbleed vulnerability detection tool that people are lured into installing. Showing a user a prominent and panic-inducing message is not a hard task, so it becomes simple to get someone to download this Trojan.
A simple message like “Check if your PC is infected by Heartbleed” will be more than enough to trick several people into clicking on this link and installing a fake program that deploys malware into the user’s system. So far, this threat seems to be originating from Southeast Asia, but we expect that other similar threats may also arise soon enough.
Once installed on a system, HelloBridge opens a backdoor that allows other malicious files to enter. It constantly exchanges data back and forth with a remote command and control server, and also leaks confidential data from the system. Needless to say, once this Trojan has entered a system, several other issues start cropping up.
Tips to remember to avoid such Trojans
While we cannot prevent each and every person who clicks on such a link, we can offer the following tips to keep in mind about Heartbleed and such fake programs.
- Never click on suspicious looking popup ads and messages like this.
- Always download programs from trusted sources.
- Stay aware about security threats like Heartbleed. It does not affect individual PCs so there is no chance that your system will need a tool to detect its vulnerability and remove it.
- Change your passwords if you are using any of these web services.
- Always have an effective, reputable and updated antivirus suite installed on your PC.
With the right information and awareness, Trojans like HelloBridge can be avoided and rendered useless. We strongly advise all our readers to stay abreast with the latest developments in the IT and security world, especially when such far-reaching security outbreaks occur. In cases like this, prevention is always better than cure.
I just thank Quick Heal for giving updates about any security threat.More importantly,I quite appreciate about the information about Heartbleed.Thanks .Looking for more updates.
Hi ,
For past one month daily my notebook get hang and i tried to shut down i recive this message “ONLINENT.EXE is previnting to shiut down” can you please resolve my problem.
Arvind
Hi Arvind,
To resolve this issue, you are requested to call our support center on 0-927-22-33-000. Alternately, you can also submit a ticket by visiting this link – https://www.quickheal.com/submitticket.asp. Our support team will help you with this problem.
Regards.
Virus / Malware may kindly be removed from my computer.
Hi KVIC,
Could you elaborate on the issue that you are facing?
Regards,
help
Hello Sameer,
Could you elaborate on the issue you are facing?
Regards,
I just thank Quick Heal for giving updates about any security threat.More importantly,I quite appreciate about the information about Heartbleed. Thanks .Looking for more updates.
Hi Rajesh,
Thank you for those kind words of appreciation. For regular news and updates from Quick Heal labs, you can subscribe to our official blog. Simply provide your email address in the “Stay Updated” section, and follow instructions.
Regards,
Thank you Quick Heal. Please continue giving relevant check points and efficient remedies against such things, developed by spoiled brains. I call them ‘Intelligent duffers’.
Hello Dr C B Singh,
Thank you for the appreciation. For regular news, alerts, and updates from Quick Heal labs, you can subscribe to our official blog. Simply provide your email address in the “Stay Updated” section, click Subscribe Now, and follow instructions.
Regards,
My XOLO Q2000 phone is affected by ‘Malware’ in system directory, present quick heal total security is unable to detect, please provide solution.
Amit
Hi Amit,
We would request you to get in touch with our support team so that they can analyze the issue and provide you with a solution. You can contact them at 0-927-22-33-000. You can also raise a query at https://www.quickheal.com/submitticket.asp. Our support team will get back to you to help you solve the issue.
Regards,
Txs 4 healing so quickly
I just thank Quick Heal for giving updates about any security threat.More importantly,I quite appreciate about the information about Heartbleed.Thanks .Looking for more updates.
Many Many Thanks to Quick Heal for giving it’s user to the upcoming and latest computer threats and ways to solve them and also tricks to aside them. Thanks for looking for more updated threats
QHill is best.
I m curious and wish to know about some symtom/pattern that might provide an idea our system has been attacked by Heartbleed Trojan virus
Hi Abhishek,
The consequence of the Heartbleed bug is that several usernames and passwords of users can be accessed and viewed by malicious parties. For the HelloBridge Trojan, some common symptoms are the machine slowing down, Internet bandwidth getting eaten up, suspicious files appearing in the system and strange behavior of the PC. Moreover, if you remember that you recently saw a message about a Heartbleed virus detection tool and clicked on it, then you may have contracted HelloBridge or another version of this Trojan.
Best regards.
dear sir,
i am trying to uninstall quickheal pro 2014 or useing other function but i found “enter password” please help me sir
Hi Keyurbhushan,
To resolve this issue can you contact our support center on 0-927-22-33-000. Or submit a ticket by visiting this link -> https://www.quickheal.com/submitticket.asp. They will help you find a solution for this.
Best regards.
Hello Keyurbushan verma ji,
if you trying to unintall Quick-heal Pro 2014 you will download to ramoval tools for Quickheal Antivirus and Run to your system then completly remove to Quick-heal Antivirus on your system so trying to it.
Many Many Thanks to Quick Heal for giving it’s user to the upcoming and latest computer threats and ways to solve them and also tricks to aside them. Thanks for looking for more updated threats.And also thanking you for help me.
You are giving us very detailed information about current malware, hackers, attempts to take control of host PCs and sharing with us the measures required at our end like changing of passwords in case of Heartbleed threat. Now you have advised us to download only from trusted sites and beware from suspicious looking pop ups.
Thanks a lot.
please aware me time to time that i make mistakes while using net
Wao! Being online is really scary!! But my quick heal is protecting me upto 2016..so no biggies :3
QUICK HILL IS A SUPER ANTI VIOURS SOFT.WHICH IS PROTECT MY PC AND PHONE.
Thanks Quick Heal for the updates and guidelines to avoid silly mistake which in fact may be harmful.
Thanks for the sharing that the Heartbleed does not affects a standalone PC.
Please keep updating and educating..
Hi Rahul,
Can the Heartbleed affect a smart phone (Galaxy Core).
If yes, then What’s the solution.?
Please reply.
Regards,
Amar Kakad.
Hi Amar,
Heartbleed is a security bug that does not affect individual PCs or smartphones. It affects the service provider of web services like Facebook, Google etc. So your smartphone is immune from Heartbleed. However, anyone who uses these services is vulnerable to Heartbleed, and should change all passwords with immediate effect.
Best regards.
Quick heal is nice anti virus . in my computer upto 2015 april 02
TODAY THIS ADDED TO GREAT SERVICE OF QUICK HEAL !
2016 next really scary
thanks quick heal save my all programme.
one virus attacked my pan drive the whole data hide but memory used. After opened pen drive no data display. I have scanned from Total security of my pan drive but no virus found there. Why?
Else I am sure this issue. After format of pen drive the device is blanked & no data remain.I think total security not working properly or fraud (roumers nonsense ” antivirus” etc)
Hi Ram,
Kindly contact our support team at 0-927-22-33-000.
You can also raise a query at https://www.quickheal.com/submitticket.asp. Our support team will get back to you to resolve the issue you are facing.
Regards,
THANKS FOR INFORMATION.
I GET USELESS SALES POPUP HOW DO I STOP POPUP.
Hi Kisholoy,
In order to prevent sales popups from appearing on your machine while you are surfing the web, you are requested to activate the popup blocker that will be available with your web browser. All web browsers will have this feature accessible.
Best regards.
Many many thanks to quick heal for giving updates for many security threat.looking for more update thanks a lot
I am a proud user of Quick Heal since last 4 years
It is a universal truth that there service and total security is great and no my pc at all
I thank QHTS for giving me such a worderful antivirus
Hi Shashank,
Thank you for the appreciation and for choosing Quick Heal.
Regards,
Dear sir,
Quick heal internet security 15.00 is not Downloading Updates when click on UPDATE NOW. BUTTON
Hi Kinjal,
Kindly contact our support team at 0-927-22-33-000.
You can also raise a query at https://www.quickheal.com/submitticket.asp. Our support team will get back to you to resolve the issue you are facing.
Regards,
Regards,
Thanks for the update
THANK YOU QUICK HEAL ….A BEST SOFTWARE FOR ANDROID MOBILES………….
I’m using Reliance 3G Connection With Micromax 3G Modem. When I tried to connect to 3G,I had to turn off the firewall.Only at the time of Updating Database it establishes 3G connection,Otherwise its transferred to 2G connection. Please help me.
Hello Ankan,
Thank you for writing to us. Have you tried contacting your Internet Service Provider for this issue?
Regards,
hie
l want to update my Antivirus but the system is now saying DEFINITIONS FILES NOT FOUND. How do l go about this? Please help.
Hi David,
To resolve this issue, you would need to contact our support center. You can call them on 0-927-22-33-000. Or you can submit a ticket by visiting this link -> https://www.quickheal.com/submitticket.asp. They will help you with a quick solution for this issue.
Best regards.
Thanks for the update..
Please keep updating in future, too,..
i always use system when quick heal is update so there is no harm is yes then give tip
thank quick heal save my all programme
thank you
What is this product key ….??? As I want to register for quick heal but it is demanding for a product key ?? What is it?? Please let me know
Hi Nishi,
A product key is nothing but an activation code that you receive upon purchasing a Quick Heal product. Can you specify further which product it is you are interested in?
Best regards.
I AM USING TATA PHOTON WHIZ MODEM IN 2G CONNECTION. I HAD INSTALLED GUARDIAN SECURITY. BUT, MY DESKTOP P.C. IS NOT UPDATING SUCCESSFULLY. PLEASE, HELP ME.
Hi Amit,
To resolve this issue, you would need to speak with our support team. They can be reached at 0-927-22-33-000. Or you can even submit a ticket by visiting this link -> https://www.quickheal.com/submitticket.asp. They will help you find a solution to this.
Regards.
i have a toolbar named websuave to my browser. while uninstalling it is again and again integrating into my browser.2 times while uninstalling,quickheal mentioned that system is effected by malware. But antimalware scanning shows my system is clean. how to remove that malware from my system?
Hi Srinivas,
You should open your PCs Control Panel and look for a program by the name of Websuave there. If found, you should uninstall this program from there. Also go to the web browser that you use and open the settings and remove any plugin or extension by that name. If this doesn’t help, you can reach our support center on 0-927-22-33-000. Or you can even submit a ticket by visiting this link -> https://www.quickheal.com/submitticket.asp.
Best regards.
When I am opening the quickHeal icon, an error message is coming. It reads as follows:
SCANNER.EXE – Application Error. The instruction at 0x014f00a5 referenced memory at 0x032f7c78. The memory could not be written. click on OK to terminate the programme.
After clicking OK, the QHeal screen is getting closed. I have renewed the QHeal license online in April 2014. please help to solve this problem.
thanks.
Hello D Bagchi,
You are requested to call our support center on 0-927-22-33-000. Or you can even submit a ticket by visiting this link -> https://www.quickheal.com/submitticket.asp. Our support center will help you resolve this issue that you are facing.
Best regards.
hello bridge trojan misuses panic create msg please help me
Hello Pankaj,
How may we help you? Can you elaborate further on the issue that you are facing.
Thanks.
from some days my Quick Heal is blocking two sites. which automatically try to access the page. i tried to find that hidden program but can’t. ca u tell me to find that program which trying to access that website
Hello Sadanand,
To get an answer to the question you have asked, you would need to speak with our support center. You can call them on 0-927-22-33-000. Or you can even submit a ticket at this link -> https://www.quickheal.com/submitticket.asp. They will immediately help you resolve your query.
Best regards.
Thankyou quickheal for your useful info
Thankyou quickheal for your useful info
thanks
Thank you very much Quickheal for the update.
hey, while updating my quickheal its showing that some files are currepted.
if u try another time it gets started and stops in between, anf if u try another time its showing that “HelloBridge Trojan Misuses Panic Created by Heartbleed”. so what should i do??
Hi Tejas,
In order to resolve this, can you contact our support center on 0-927-22-33-000. You can also submit a ticket by visiting this link -> https://www.quickheal.com/submitticket.asp. Our support team will help you out with this matter.
Best regards.
Thanx Quick Heal for giving me such a useful information.
quick heal 2014 total security install but after install qh internet down & qh remove internet working what is prob
Hi Bharat,
To resolve this issue can you contact our support center on 0-927-22-33-000. Or submit a ticket by visiting this link -> https://www.quickheal.com/submitticket.asp. They will help you find a solution for this.
Best regards.
why am not getting the update from Quick heal?
Hi Suresh,
To resolve this issue can you contact our support center on 0-927-22-33-000. Or submit a ticket by visiting this link -> https://www.quickheal.com/submitticket.asp. They will help you find a solution for this.
Best regards.