Trojan Program Infects in the Guise of Compatibility Software

Security researchers from BitDefender, the security company, have issued an alert that a new Trojan horse is prowling on the Net in the guise of software that checks if computers are compatible with Windows 7. According to them, the malware is proliferating fast through an e-mail.

Written in English language, the e-mail advises that the recipient should examine his system with the Upgrade Advisor of Windows 7 that's included in a given .zip attachment. However, as soon as the user opens the attachment, it unleashes the Trojan that pulls down and implants a backdoor that, in turn, downloads more malware.

BitDefender has detected this malware as Trojan.Generic.3783603, which has already been used in a phony password reset scheme on Facebook.

Furthermore, with the malware planted on a computer, cyber-crooks can use it for any purpose according to their wish. This implies they could load a keystroke logging program for theft of banking credentials or even hijack the infected PC.

Further details included that BitDefender first detected the attack on May 9, 2010 and that the attack has not become widespread yet. According to the anti-virus firm, they're aware of nearly 3 instances of the malware's installation every hour which they came to know from their customers in the US.

However, owning to the novelty of the scam, the end result could be a widespread infection of a large number of PCs, said Head of BitDefender's Online Threats Lab, Catalin Cosoi. PCWorld.com reported this on May 10, 2010. Cosoi added that the scam actually works since people are largely interested in Windows 7.

Besides the U.S., the attack has also been reported spreading in Germany.

Remarking about the attack, Cosoi stated that cyber-crooks were, however, shifting from seizing details of users' bank accounts to amassing bots. Searchsecurity.techtarget.com reported this on May 10, 2010.

Consequently, Cosoi thinks that although the Trojan has infected some thousands of users so far, there'll likely be an increase in the number as the scam takes onto more victims.

Nevertheless, to remain secure, BitDefender advises users not to open the attachments that unfamiliar sources might send. Also, they should deploy up-to-date security software that is downloaded only from the authorized website of the vendor.

Related article: Trojans to Target VoIP in 2006

» SPAMfighter News - 5/20/2010