Blog
Rajiv Singha

United We Infect! Vobfus and Beebone – Viral Friends Forever

July 2, 2013
2
Estimated reading time: 2 minutes

If you are having a hard time with your best buddy, it’s time you took a lesson or two from the malware duo – Vobfus and Beebone. Sounds like two hillbilly characters from a cartoon show right? Well, no!

The Sophisticated Malware Duo!
As reported by security experts, Vobfus and Beebone are a pair of malicious programs that have an ingenious technique to help each other survive and dodge security software. And what exactly this technique is? They are designed in such a way that they can download versions of each other, taking alternate turns.

How Does the Duo Work?

Scene 1 – Vobfus makes its entry into the target’s computer.

Scene 2 – Vobfus then calls upon his buddy Beebone, from a remote command-and-control server.

Scene 3 – The drama begins and the two start downloading newer versions of each other.

How Does the Malware Spread?
Usually, it is Vobfus that infects a machine first, followed by Beebone. Vobfus usually spreads through:

– Malicious links on websites

– Networking links to other machines

– USB drives

Why is Vobfus-Beebone a Difficult Problem?
The main challenge of this malware duo lies in their cyclical relationship. Experts say, even if Vobfus gets detected and taken care of, it could have already downloaded Beebone, which again, could download a new, undetected variant of Vobfus.

Vobfus was first detected in 2009. And guess what? It has been a persistent malware threat since; all thanks to the survival game it plays along with Beebone.

What Can You Do?

Two things

A. Follow these few tips:

1. Disable the “autorun” feature on your machine.

2. Avoid clicking links in emails from unknown sources and websites you do not trust.

B. Employ multilayered protection for your machine.

How Quick Heal Security Software Helps Prevent Vobfus Infection

  1. Quick Heal disables the autorun feature of any device that is plugged into your machine, thereby reducing the threat.
  2. Quick Heal is equipped with fixes for the Vobfus malware family.
  3. Its Browser Sandbox security feature creates an isolated virtual environment for your internet browser. So, even if you visit any malicious website, your computer won’t be affected.
  4. The real time cloud-based security of the software restricts access to sites which might contain links infected by malware such as Vobfus.

Have something to add to this story? Share it in the comments.

Rajiv Singha
About Rajiv Singha
Rajiv is an IT security news junkie and a computer security blogger at Quick Heal. He is passionate about promoting cybersecurity awareness, content and digital...
Articles by Rajiv Singha »

2 Comments

Your email address will not be published.

CAPTCHA Image

  1. Hrushi SonarJuly 2, 2013 at 6:17 PM

    Thank you Rajib sir for this info, Really.

    Regards,
    Hrushi Sonar.

    Reply