Welcome to the Virus Encyclopedia of Panda Security.
It reaches the computer in an email message which seems to have been sent by the Microsoft Support team, informing users of the publication of a new security patch for Outlook/Outlook Express. It is designed to download and install the rogue antivirus SecurityTool, which makes users think that their computer is infected, so that they purchase a certain antivirus solution.
|First detected on:||Feb. 3, 2010|
|Detection updated on:||Feb. 15, 2010|
Bredolab.Y is a Trojan which is distributed in email messages that seem to have been sent by the Microsoft Support team, informing users that a new security patch for Outlook/Outlook Express has been published and recommending them to install it.
Once installed, the Trojan establishes connections with several addresses from which the rogue antivirus detected as Security Tool is downloaded. This program not only displays annoying alert messages but prevents executable files from being run and hides the icons of the Desktop, not allowing users to work with the computer.
Bredolab.Y is easy to recognize, as it reaches the computer in an email message that seems to contain a Microsoft security update for Outlook/Outlook Express.
The security patch is attached in a file compressed with zip and if it is run, Bredolab.Y will be installed in the computer.
The following is an example of email message used to distribute Bredolab.Y:>