Cybercriminals using deceptive Windows 7 Upgrade Advisor e-mail to conceal trojan
May. 11, 2010 (6:23 pm)
By: Matthew Humphries
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.geek.com%2Farticles%2Fnews%2Fcybercriminals-using-deceptive-windows-7-upgrade-advisor-e-mail-to-conceal-trojan-20100511%2F&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light" allowtransparency="true" style="border: medium none; overflow: hidden; width: 75px; height: 20px; float: right;" frameborder="0" scrolling="no"></iframe> <!-- sphereit start --><!-- begin redux related -->
BitDefender has spotted a new deceptive e-mail that is making the rounds infecting users with a trojan.
The e-mail is seeing a healthy infection success rate as it purports to be a
Windows 7 Upgrade Advisor. It even uses the same text as the real compatibility checking tool, but in this case the user downloads malware instead.
According to BitDefender:
Instead of the promised compatibility checking tool, the zip file hides Trojan.Generic.3783603. This piece of malware contains malicious or potentially unwanted software which it drops and installs on the system. Frequently, it installs a backdoor which allows remote, clandestine access to the infected system. This backdoor may then be used by cybercriminals to upload and install additional malicious or potentially unwanted software on the captured system.
It is expected that this malware will do well because Windows 7 is a hot topic at the moment and many users are considering an upgrade. The situation won’t be helped by the fact users may pass the e-mail on to friends or share details via social networking. The end result will be a lot of infected machines with remote, backdoor access.
Ensure your anti-virus solution is up-to-date and you don’t open any e-mail attachments that come from an unknown or untrusted source.
Read more at the
BitDefender press release, found via
PC World
Read more:
http://www.geek.com/articles/news/c...ail-to-conceal-trojan-20100511/#ixzz0npRLF8RQ