Fake ‘PlayStation Emulator’ Drops Trojan

Fans of Retro games are confronting attacks from a new scareware scam that cyber-criminals have devised to load a Trojan onto people's PCs.

As said by the security Researcher Chris Boyd at Sunbelt Software, downloads pretending to be PlayStation 2 (PS2) emulators, which help to play games online, pertaining to Sony's console, actually just produce a Trojan. For instance, the Appzkeygen.com offered emulators, arrive bundled with Trojan CodecPack-2GCash-Gen, as per the news published by The Register on March 11, 2010.

There are three flavors of the PS2 software known as Play 2 Emulator- "keygen," "serial" and "crack." Evidently, instead of being emulators, the files are actually something scarier.

Boyd reported that these files are planted on the target computer along with an arbitrarily named .exe file within the Windows directory as well as xpysys.dll within the PC's System32 Folder, according to the news published by Tom's GUIDE on March 11, 2010.

Scammers installing the Trojan highly prefer it to disable security software. In addition to the emulators being dubious, searching online for the programs exposes the surfers to every type of undesirable fraud, said security experts..

Moreover, according to Boyd, the flexible nature of the programs implies that they'll prove as dangerous in multiple ways in the forthcoming period. Over the past few months, Trojan-Downloader.Win32.CodecPack.2GCash.Gen has been incorporated into all sorts of scams from rogue anti-virus campaigns to bogus codec schemes. Further, the malware is expected to stay for a long period of time.
Boyd added that in certain instances, gamers complained of the attack causing the appearance of a rogue AV program on their hijacked computer. However, when tested, the systems displayed nothing as downloaded. This doesn't imply a rogue AV will not be downloaded, as the downloader continues to be onboard.

Meanwhile, it isn't something new that scareware is targeting Playstation gamers. Security investigators at FaceTime Security Labs showed a scareware Trojan that infected PlayStation 3 in May 2009. The malware made a spurious "My Computer" directory along with a JavaScript pop-up, which displayed a message that the user's PC was infected with worms. The result was possible file damage and data loss.

Related article: Fake Spam Mail Announces Australian PM’s Heart Attack

» SPAMfighter News - 3/19/2010