Two Hoax Installers Used to Spread Lop Adware

Panda Security, a well-known provider of IT security solutions, from Spain announced on August 20, 2008 that PandaLabs identified two hoax P2P software installers namely Torrent101-4.5.0.0 and BitRoll-5.0.0.0 that scammers using to download the Lop adware onto the computers of unwary users.

Security specialists said that these installers are employed to exchange contents between users located remotely. Also, they can be downloaded from the Internet; therefore, any user accesses them became infected.

Furthermore, the Lop adware displays various advertisers' ads through banners, pop-up windows etc. It is also designed to switch the home page of Internet Explorer to its own search engine. Thus, search hits from this engine returns advertising pages pertaining to the key words typed in. Cyber crooks are also using other bogus applications to install malware such as bitdownloadsetup.exe and wavesoftwarecreative.exe (that pretends to be audio software).

In attempts to prevent detection, the adware periodically connects to a page from where it downloads files that contain the code's variants, and makes it hard to remove all active malware from the system. For users who try to work with the installed program, files may only be searched but not accessed for download.

According to Luis Corrons, Technical Director of PandaLabs, many times users unknowingly agree to install offensive adware on the basis of clauses in other applications' license contracts. However, in the present case, the agreement mentions nothing about loading of Lop, as reported by MarketWatch on August 20, 2008.

Jeremy Matthews, Head of Panda Security's sub-Saharan Operations, said that the scam points to an increasing trend of cyber criminals using fake applications to plant malicious code, as reported by ITWeb on August 22, 2008. Matthews also said that bitdownloadsetup.exe and wavesoftwarecreative.exe are other samples of the same technique.

He further said that users needed to be very careful about the applications they select to download from the Web. While it is safe to download from reputable sites, it is also important to verify the product planned to download. This can be ensured with a simple Google search.

Related article: THE SPAM MAFIA

» SPAMfighter News - 01-09-2008

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial