Home Malware Programs Trojans Bicololo

Bicololo

Posted: June 10, 2013

Bicololo Screenshot 1Bicololo is a Russian-targeting browser hijacker that redirects its victims to websites that steal information through disguising themselves as popular sites (such as Facebook). Bicololo variants are, themselves, often distributed through spam in social networks, which include links pointing to disguised installers for Bicololo. The latest propagation attempt for Bicololo includes mis-marketing Bicololo as a version of Vipre Antivirus, a legitimate AV product. Education and high awareness of potential copycat sites will help you both prevent a potential Bicololo infection and deal with the consequences of Bicololo's redirects to hostile sites. Since Bicololo attempts to hide its components from your observation and will not respond to normal uninstallation methods, SpywareRemove.com malware researchers encourage enabling anti-malware software as the readiest way to remove Bicololo safely.

Bicololo: Playing the Deadly Host to Your Web-Browsing Travels

The majority of browser hijackers use redirects to search engines, advertisements and other such trivial content, but SpywareRemove.com malware analysts categorize Bicololo as significantly more dangerous than such low-level PC threats as a result of its choice in Web destinations. Through common Hosts file exploits, Bicololo can redirect your browser from any given specific websites towards any other specific website of its choosing, and thus far, its choices all involve phishing sites.

Phishing sites imitate the appearances of harmless sites and, in the case of Bicololo-promoted domains, even copy the exact look and interface of prominent sites like my.mail.ru or vk.ru. Social networking sites, including blogs like WordPress and sites that claim to distribute mobile phone applications, also are used to spread Bicololo through misleading links, forming a circular marketing strategy based on deceit for profit. After your PC is infected by Bicololo, Bicololo will redirect your browser whenever it attempts to load a specific site. The new site will steal any information – such as account credentials – that are given to it, with only the site's Web address as a clue to its real intentions.

Both old and new versions of Bicololo appear to target residents of Russia as preferred victims. Although SpywareRemove.com malware experts can confirm that the new version of Bicololo's installer is disguised as a fake Vipre Antivirus installer, this variant of Bicololo doesn't appear to have any new features to put into play after Bicololo infects your PC. However, the Hosts file-based browser redirects launched by Bicololo are quite dangerous enough in and of themselves, and can theoretically affect PCs in all nations.

The Lesson Plan that Helps You Learn to Avoid Bicololo

Bicololo relies very heavily on social networking and fraudulent advertisements to encourage its victims to infect their own computers. SpywareRemove.com malware researchers warn that you should be cautious about sites that resemble well-known ones, but have major discrepancies – especially in terms of the Web address or URL – that often are indicative of a phishing site. The pixel-perfect copycat sites promoted by Bicololo will not, of course, have the actual functionality of the real sites that they imitate, but may merely give a generic error message if you attempt to log in to your account or give them any other personal information.

Passwords and related account information always should be changed following any compromises by phishing sites, regardless of whether they benefited from Bicololo redirects or were contacted through some other method. Removing Bicololo also should use appropriate anti-malware tools, as SpywareRemove.com malware researchers always suggest for mid and high-level PC threats. The anti-malware software used for deleting Bicololo may detect Bicololo by different names, such as a Qhosts variant like Trojan.Win32.Qhosts.af (v).

Loading...