Trojan FakeAle Creates Scareware Package
Internet security company, Sophos, has detected a spam operation that behaves similar to the malicious FakeAle Trojan that it spotted in early June 2008. Troj/FakeAle-Al is a Trojan designed to work on Windows computers.
It is also designed to access Internet and to establish a connection with a server located remotely using HTTP. Once Troj/FakeAle-Al is installed, it copies itself to <Windows>xpupdate.exe and opens the file <User>\Application Data\Install.dat.
The spam operation first came to the notice of Mrs. Chris, wife of a Register reader, when she was using her spouse's computer to check her Hotmail account. During the browsing, Mrs. Chris came across scareware bundles that picked up her husband's computer name from the system's registry.
Mrs. Chris ...
» SPAMfighter News - 11-07-2008