Phony Adware Scanner Downloads Bogus Antivirus
Security researchers at Sophos are tracking down certain fresh changes to the now long-time known idea of presenting fake antivirus software, which infect people's computers.
To begin with, the researchers indicated via an online posting that they had found certain rogue adware scanner known as 'Anti-Adware Online Scanner,' which tried to dupe end-users into going to its distribution websites where a Trojan would get downloaded and installed on their systems.
Some time later, an alert message pops up that falsely tells the user that several viruses and spyware have infected his system. It then produces a web-link, which if the victim clicks would start downloading a file called Setup.exe. People, who become convinced of this trick, encounter a Trojan called Troj.FakeAV-ABD, the researchers inform.
A particularly interesting fact about the website is that it changes language and interface, based on the IP address of the user.
Moreover, in majority of the instances, the researchers state that the new phony scanner uses several similar components found in earlier fake AV programs. The techniques it combines render the fresh variation of old idea like the dynamic style with which it makes its introduction.
Meanwhile, Sophos researchers also outlined that they had spotted another phony AV Trojan, which is also designed to download an information sniffer dubbed "Troj/Sniffer-R" on end-users' computers. The Trojan characteristically stole login credentials of users so that it could invade FTP systems. Thereafter, it seized the host's user-ID and password linked to an outgoing FTP connection and examined for the validity of the user-ID and password via the parsing of inbound web traffic related to the login efficacy condition code, the experts noted.
Hence, while users have been advised to do the utmost for self-defense, it's even more vital that website administrators should install patches on their servers and keep them up-to-date.
Related article: PM’s Official Web Site Targeted By Hackers
» SPAMfighter News - 13-10-2009