Trend Micro Identifies Malware Purporting to Be a Trend Micro Component
A newly found piece of malware tries to con users into believing it is not a threat by passing itself off as a component of Trend Micro, according to security experts at security firm Trend Micro.
In addition, the Trojan drops a Bitcoin miner application that generates money for the malware author.
The social engineering method employed by the cybercriminals in this particular case is very straightforward. These emails try to lure users into running the threat by leading them to believe that the file is a Trend Micro product.
When the user executes the Trojan, it creates a process named svchost.exe (the same name as the Windows host process for services, which is an additional effort to conceal itself) to download a second fake component package.
This downloaded package contains a Bitcoin miner application. Trend Micro further identified this Bitcoin application as HKTL_BITCOIN MINE.
While threats attempting to pass themselves off as security solutions are nothing new, and neither are Bitcoin miners dropped by Trojans, putting the two together appears to be something new. Trend Micro detects the malware as Troj_RIMECUD.AJL.
"Bitcoin is a digital currency and could be used towards paying for particular transactions online. This attack is suitable due to the news that Bitcoin Central has been accepted by the law to work as a bank and that exchanges between euro and Bitcoin are now feasible," notes Trend Micro.
In the past, we have seen cases in which systems are infected with Bitcoin-mining malware, turning them into unwilling "miners". These systems churn out Bitcoin for the profit of the bad guys while the victims are left in the dark. Besides making a profit for its authors, these kinds of threats consume lots of system resources, so users who observe a sudden slowdown of their system are advised to look for any suspicious applications that may be running in the background, Trend Micro says.
The only solution is for users to be extra cautious when downloading applications and files found on the internet. Moreover, they should altogether refrain from visiting unknown sites and from clicking on ads or shortened URLs included in e-mail messages from unknown sources.
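The check below is an added example, not code from Trend Micro or from the original article. It shows one way to act on the advice above by flagging a process that borrows the svchost.exe name. It assumes a process snapshot exported as CSV with constructed sample rows, the standard Windows layout in which the genuine svchost.exe runs from System32 or SysWOW64 as a child of services.exe, and a hypothetical CPU threshold.

```python
import csv
import io
import ntpath

# Constructed sample (not data from the article): a process snapshot as CSV.
SAMPLE = r"""name,pid,ppid,path,cpu
services.exe,612,500,C:\Windows\System32\services.exe,0.1
svchost.exe,844,612,C:\Windows\System32\svchost.exe,0.4
svchost.exe,3120,2980,C:\Users\alice\AppData\Roaming\svchost.exe,96.0
SVCHOST.EXE,4012,612,C:\Windows\Temp\svchost.exe,2.0
explorer.exe,2980,2900,C:\Windows\explorer.exe,1.2
"""

CPU_THRESHOLD = 80.0  # assumed cut-off for miner-like load, tune per host


def load(text):
    """Parse the CSV snapshot into a list of row dicts."""
    return list(csv.DictReader(io.StringIO(text.strip())))


def suspicious_svchost(rows, system_root=r"C:\Windows"):
    """Return [(pid, [reasons])] for svchost.exe processes that look masqueraded."""
    root = ntpath.normcase(system_root)
    legit_dirs = {ntpath.join(root, "system32"), ntpath.join(root, "syswow64")}
    by_pid = {int(r["pid"]): r for r in rows}
    findings = []
    for r in rows:
        if r["name"].lower() != "svchost.exe":
            continue
        reasons = []
        image_dir = ntpath.normcase(ntpath.dirname(ntpath.normpath(r["path"])))
        if image_dir not in legit_dirs:
            reasons.append("image outside System32/SysWOW64")
        parent = by_pid.get(int(r["ppid"]))
        if parent is None or parent["name"].lower() != "services.exe":
            reasons.append("parent is not services.exe")
        # High CPU alone is not evidence; report it only alongside another anomaly.
        if reasons and float(r["cpu"]) >= CPU_THRESHOLD:
            reasons.append("high CPU")
        if reasons:
            findings.append((int(r["pid"]), reasons))
    return findings


if __name__ == "__main__":
    for pid, reasons in suspicious_svchost(load(SAMPLE)):
        print(pid, "; ".join(reasons))
```

A missing parent record is treated as an anomaly here, so a snapshot taken after the launching process has exited will still surface the impostor for review.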
» SPAMfighter News - 24-12-2012