Kaspersky Labs Finds Bogus Keygen for its AVs
Investigators from Kaspersky Labs the security company say that their company's products have a keygen, which comes packed with two Trojans capable of stealing information.
Notably, Keygen, which in the expanded form reads "key generator," is tiny software which produces authentic CD keys alternatively registration or serial numbers pertaining to an application.
Says Kaspersky, its researchers lately spotted the said keygen on online sites for file sharing and that the software claims for producing serial keys pertaining to Kaspersky Simple Scan 2010, Kaspersky Internet Security 2010 and Kaspersky anti-virus 2010.
Warns Security Expert Vyacheslav Zakorzhevsky at Kaspersky Labs, the newly found keygen's interface is in reality a Trojan downloader. Softpedia.com published this on January 14, 2011.
Zakorzhevsky notes that whilst a user lingers to get the free serial key's result, a pair of malicious programs that the downloader surreptitiously installs and executes infects the user's computer.
States Kaspersky that it detected one of the programs as Trojan.MSIL.Agent.aor, which captures other software's registration data along with passwords commonly related to Internet games. Moreover, after capturing the data, the program stores it inside a file.
Further, the Trojan even alters one particular system file of the host PC for preventing several websites from opening. Thus, the websites like 'virusscan.jotti.org' and 'virustotal.com' that offer several anti-virus companies' solutions for file-scanning fail to open.
The other malicious program that the downloader installs is certain backdoor that as well features keylogger functionality, gathering information generated from the user's keystrokes. Kaspersky's security investigators identified this program as Trojan.Win32.Liac.gfu.
Remarking about the above incident, the security researchers said that it indicated that even while hunting to get software for malware protection, end-users might encounter malicious programs. And since paid anti-virus solutions could be expensive, people could choose non-chargeable solutions that had developed greatly over the recent years so far as protection from them was concerned, they added.
Besides, experts on computer security as well suggest end-users that in case they doubt a malware infection on their system while browsing a website they must instantly shut down their PC as that will effectively stop the auto-installation of the malware.
» SPAMfighter News - 27-01-2011