Threat Summary
Threat Summary | |
Name | Spidey Bot |
Type | Trojan |
Propagation Method | Via Discord messages |
Application used | Discord messaging service |
Affected PC | Windows 7, 8, 8.1 and the latest Windows 10. |
Information collected | IP addresses, Time zone, screen resolution, username, phone number, email address, data that is stored in the Windows clipboard etc |
Removal | Click to remove Spidey Bot |
Description Of Spidey Bot
These days, cyber criminals tend to come up along with more and more intricate ideas when it comes to developing threats. Cyber crooks use one interesting method to utilize legitimate applications for their untrustworthy purposes. This is what exactly the creators of the Spidey Bot have done. In the case of Spidey Bot, the genuine application used in it is the Discord messaging service. The creators of this threat have ensured that the corrupted code of the Spidey Bot is injected into the Discord's file. When this has been completed at once, the Spidey Bot will reboot the messaging application inorder to make sure that the corrupted modules will be running and up.
So many applications are built up with the help of a particular toolkit which is called Electron. The Electron framework allows software developers to build up applications with the help of using basic coding languages like JavaScript, CSS and HTML. Although, this technique has its own downside which is utilizing the Electron framework that makes it rather easy for cyber crooks to plant their own code in legitimate applications. Cyber criminals plant a bad code, with the help of using the Electron Framework.
The Spidey Bot ensures to enable which is called a persistent backdoor, by making use of the 'webhook' features of Discord, which are built up into the application. Since, the Spidey Bot is operating via Discord so that it can easily access information such as IP addresses, Time zone, screen resolution, username, phone number, email address, data that is stored in the Windows clipboard, data regarding games and applications which are linked to the victim's account, any payment information which is present on user account and the Discord token of the victim which is used as a means of authorization. This capability of collecting information is hazardous to users in future.
It appears that the Spidey Bot is being propagated through Discord messages. The attackers offer their targets to initialize a file which they present as a game cheat or a cracked application. Ensure you reinstall Discord, if you have become one of the victims of the Spidey Bot. You can try this using anti-malware application but since the authors of the Spidey Bot have hidden it within Discord and it is perhaps that the application will be white-listed by security tools because it is well recognized as a genuine service.
>>Free Download Spidey Bot Scanner<<
How to Remove Spidey Bot from Compromised PC (Manual Steps)
(This guide is intended to help users in following Step by Step instructions in making Windows Safe)
The first step which need to be followed is to Restart Windows PC in Safe Mode
Reboot in Safe Mode (For Windows XP | Vista | Win7)
- Restart Computer
- Tap on F8 continuously when the PC starts booting and select the option to enter Safe Mode with Networking.
For Windows 8/8.1
- Press on the Start Button and then Choose Control Panel from the menu option
- Users need to opt for System and Security, to select Administrative Tools and then System Configuration.
3. Next, Click on the Safe Boot option and then choose OK, this will open a pop-up window, next Select Restart Option.
For Windows 10
- Start Menu is to be selected to Open it
- Press the power button icon which is present in the right corner, this will display power options menu.
- Keeping the SHIFT Key pressed on the keyboard, select the restart option. This will reboot Win 10
- Now you need to select the Troubleshoot icon, followed by advanced option in the startup Settings. Click on Restart. This will give the option to reboot, now select Enter Safe Mode with Networking.
Step 2. Uninstall Spidey Bot from Task Manager on Windows
How to End the Running Process related to Spidey Bot using Task Manager
- Firstly, Open Task Manager by Pressing Ctrl+Shift+Esc in Combination
- Next, Click on processes to Find Spidey Bot
- Now Click and select End Process to terminate Spidey Bot.
Step3: How to Uninstall Spidey Bot from Control Panel on Windows
for Win XP| Vista and Win 7 Users
- Click and Select on Start Menu
- Now Control Panel is to be selected from the list
- Next Click on Uninstall Program
- Users need to Choose suspicious program related to Spidey Bot and right clicking on it.
- Finally, Select Uninstall option.
For Win 8
- Click and Select “Charms bar”
- Now Select Settings Option
- Next Click on Control Panel
- Select on Uninstall a Program Option and right click on program associated to Spidey Bot and finally uninstall it.
For Windows 10
- The first Step is to Click and Select on Start Menu
- Now Click on All Apps
- Choose Spidey Bot and other suspicious program from the complete list
- Now right Click on to select Spidey Bot and finally Uninstall it from Windows 10
Step: 4 How to Delete Spidey Bot Created Files from Registry
- Open Registry by Typing Regedit in the Windows Search Field and then press on Enter.
- This will open the registry entries. Now users need to press CTRL + F together and type Spidey Bot to find the entries.
- Once located, delete all Spidey Bot named entries. If you are unable to find it, you need to look up for it on the directories manually. Be careful and delete only Spidey Bot entries, else it can damage your Windows Computer severely.
HKEY_CURRENT_USER—-Software—–Random Directory.
HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random
Still having any problem in getting rid of Spidey Bot, or have any doubt regarding this, feel free to ask our experts.