Backdoor.Vools

Short bio

Backdoor.Vools is Malwarebytes' detection name for a backdoor that steals information from the affected computer and subsequently downloads and installs other malware.

Type and source of infection

Backdoor.Vools typically installs a cryptocurrency miner on the affected system after sending back system information.
Backdoor.Vools spreads using the SMB vulnerability released by the ShadowBrokers and connects to other machines on port 445.

Protection

Malwarebytes protects users from Backdoor.Vools by using real-time protection.


Remediation

Malwarebytes can detect and remove Backdoor.Vools without further user interaction.

  1. Please download Malwarebytes to your desktop.
  2. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  3. Then click Finish.
  4. Once the program has fully updated, select Scan Now on the Dashboard, or select Threat Scan from the Scan menu.
  5. If another update of the definitions is available, it will be applied before the rest of the scanning procedure.
  6. When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  7. Restart your computer when prompted to do so.

Traces/IOCs

Associated files:

%Windir%\SpeechsTracing\spoolsv.exe
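
A quick triage check built from the trace above, as an added example (not Malwarebytes' own code). It assumes the legitimate Print Spooler binary is %Windir%\System32\spoolsv.exe, so a spoolsv.exe running from anywhere else, or one holding connections to port 445 on other machines, deserves a closer look. Run it from an elevated PowerShell prompt.

```powershell
# Added triage sketch: checks for the Backdoor.Vools file trace listed on this page
# and for spoolsv.exe processes that do not run from System32.
# Run elevated; without admin rights ExecutablePath can be empty and is skipped.
$iocPath   = Join-Path $env:windir 'SpeechsTracing\spoolsv.exe'  # trace from this page
$legitPath = Join-Path $env:windir 'System32\spoolsv.exe'        # assumed normal spooler path

$findings = @()

# 1. File trace on disk, with its hash for later lookup
if (Test-Path -LiteralPath $iocPath) {
    $hash = (Get-FileHash -LiteralPath $iocPath -Algorithm SHA256).Hash
    $findings += [pscustomobject]@{ Check = 'IOC file present'; Detail = "$iocPath SHA256=$hash" }
}

# 2. spoolsv.exe processes whose image is not the System32 binary
#    (-ne on strings is case-insensitive in PowerShell)
$suspects = Get-CimInstance Win32_Process -Filter "Name = 'spoolsv.exe'" |
    Where-Object { $_.ExecutablePath -and ($_.ExecutablePath -ne $legitPath) }

foreach ($p in $suspects) {
    $findings += [pscustomobject]@{
        Check  = 'spoolsv.exe outside System32'
        Detail = "PID $($p.ProcessId) $($p.ExecutablePath)"
    }

    # 3. Connections from that process to port 445 on other machines
    $conns = Get-NetTCPConnection -OwningProcess $p.ProcessId -RemotePort 445 -ErrorAction SilentlyContinue
    foreach ($c in $conns) {
        $findings += [pscustomobject]@{
            Check  = 'Port 445 connection from suspect process'
            Detail = "PID $($p.ProcessId) -> $($c.RemoteAddress) ($($c.State))"
        }
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize -Wrap
} else {
    'No Backdoor.Vools file or process traces found by this check.'
}
```

An empty result only means these specific traces are absent; it does not replace a full scan.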
