http://200-98-200-41.{BLOCKED}ol.com.br

 Analysis by: Kenneth Guang Zheng Lee

 URL BLOCKING DATE/TIME: 14 May 2013 02:45:00 PM GMT-8
 RATING: HIGH
 DOMAIN: clouduol.com.br
 CATEGORY: Disease Vector
 DESCRIPTION:

WORM_LUDER.USR sends the gathered information—such as account names, email addresses and passwords by monitoring web activities and logging keystrokes—via HTTP POST to this URL. This malware arrives via a homemade browser targeting “Banco de Brasil” users.

Related Malware