Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Phony VirusTotal Website Pushes Malicious Software: Kaspersky

Investigators at Kaspersky Lab the security company have warned that a phony VirusTotal online site is spreading malware.

It may be noted that VirusTotal is one widely used facility with which computer operators can scan files using numerous anti-virus engines. A huge number of professionals as well as routine end-users use this website nearly everyday.

Typically, the fake website, which Kaspersky investigators spotted, appears identical to the original VirusTotal site and encourages visitors for executing a malicious Java applet.

This applet doesn't have a signature from an authorized certificate; therefore the fake site asks end-users to confirm after running it, albeit the impact isn't too varied as evident from the same type of assaults over the past.

The applet essentially represents an installer of Java-based Trojans, which spreads a malicious program that Kaspersky Lab has detected as Worm.MSIL.Arcdoor.ov.

Telling more about the said assault, Kaspersky stated that the worm's objective was to infect PCs and recruit them to a botnet through which Distributed Denial-of-Service (DDoS) attacks would be carried out. Also, the infected PCs would exchange messages with the command-and-control (C&C) server regarding their type, hostname, operating software version etc., the company added. Net-security.org published this on May 24, 2011.

Kaspersky stressed that normally the above kind of assaults took place via one main hub that was used for the attacker to work out hostile maneuvers with the help of Cythosia or NOise viz. names of web-software DDoS Framework. Those software programs made an extensive impact and thus raised their demand amidst hackers mainly from Germany, Kaspersky continued.

Citing the above assault, Kaspersky cautioned that malware purveyors had recently started to put together malicious JavaScript as well as social engineering tactics, as the combination let them to contaminate PCs irrespective of which operating system or Web-browser the machines used.

However, identifying the above online danger as proactive, the security company goes on with investigating into the offensive operations.

Eventually, exploitation of VirusTotal's brand name for disseminating malware isn't something new. During February 2010 too, according to security specialists, cyber-crooks utilized a phony VirusTotal site so they could spread 'scareware' to contaminate users' computers.

Related article: PM’s Official Web Site Targeted By Hackers

» SPAMfighter News - 6/3/2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page