CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
March 29th, 2010

Trojan Poses As Update Utilities For Adobe, DeepFreeze, Java, Windows

Miscreants have begun creating malware that overwrites software update applications from Adobe and others. Email malware that poses as security updates from trusted companies is a frequently used hacker ruse. Malware posing as update utilities, rather than individual updates, represents a new take on the ruse.

Vietnam-based anti-virus firm Bkis said the tactic is a logical follow-on from earlier approaches where viruses replace system-files and startup-program files.

Nguyen Minh Duc, director of Bkis Security, writes that the recently detected Fakeupver trojan establishes a backdoor on compromised systems while camouflaging its presence by posing as an Adobe update utility. The malware camouflages itself by using the same icons and version number as the official package.

Variants of the malware also pose as updaters for Java and other software applications.

Duc explains: “From analysis, we found that malware is written in Visual Basic, faking such popular programs as Adobe, DeepFreeze, Java, Windows, etc. In addition, on being executed, they immediately turn on the following services: DHCP client, DNS client, Network share and open port to receive hacker’s commands.”

Credit: The Register

Share this item with others:

More on CyberInsecure:
  • Mac OS X And Safari Vulnerabilities Patched By Apple In Security Update 2009-001
  • Nobel Peace Prize Website Compromised, Infects Visitors Through Zero-Day Firefox Vulnerability
  • Trojan Poses As Google Chrome Browser Extension
  • Apple Users Targeted By Smut-punting Video Codec Malware
  • Critical Adobe Shockwave Player Vulnerability Affects Millions

    • Posted in Adobe, Cybercrime, Malware, Software, Spam, Trojans & Worms, Windows | Print This Post Print This Post

    This entry was posted on Monday, March 29th, 2010 at 1:33 pm and is filed under Adobe, Cybercrime, Malware, Software, Spam, Trojans & Worms, Windows. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Trojan Poses As Update Utilities For Adobe, DeepFreeze, Java, Windows

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »