Bangkok--2 Oct--Core & Peak
Trend Micro security researchers have said that they discovered a new kind of malware masquerading as a tool to install Adobe Flash Player, an important application for playing videos on computers.
Unlike other schemes in which malware is installed on a computer, this new trick to deceive users actually installs a fake Adobe Flash Player application.
This fake Adobe Flash Player goes by the name TROJ_SMALL.UY, which itself suggests that it is a Trojan named 'Small', said security experts. Moreover, the two letters 'UY' denote a specific variant of Trojan Small.
Apart from TROJ_SMALL.UY, the new Trojan has several other names such as Trojan.DL.Small.BCCV, Trojan-Downloader.Win32.Small!IK, W32/Packed_Nspack.A, Trojan:Win32/Almanah.C!dll, Win32/Agent.OAA, etc.
Security experts at Trend Micro further explained that the Trojan 'Small' claimed to provide its victims a clean version of Adobe. Interestingly, the web page from which the fake Adobe player was downloaded and its domain name were designed in such a way that they resembled the originals. In fact, the installer also looked similar to the legitimate Windows installer.
Explaining how the malicious Trojan is installed, Trend Micro security experts revealed that it could be installed on the victim's computer without the victim noticing when the victim visits a malicious website hosting the Trojan. After execution, it performs a number of functions such as creating folders and adding an 'Uninstalled' facility in the Control Panel. It also creates registry entries as part of its installation routine.
Besides, the Trojan downloads a malicious file called TROJ_DLOADER.ZEK along with several other Adobe Flash Player files.
However, the Trojan deletes itself from the system after completing the execution process.
Fortunately, the site hosting the fake Adobe application has been blocked, but the security company has told users that they should not panic if they hear of a rise in the number of infections again.
Trend Micro has also offered some important tips to help users avoid becoming victims of this scam. Before downloading, make sure that the URL spelling and domain name are right. A user can check the authenticity of a program by hovering the mouse over the link, which displays the link's real domain name. If that doesn't happen, then the URL is clearly spurious.
Finally, any URL containing the symbol '@' in the middle of the address surely belongs to a fake application.
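The three checks above (domain spelling, real link target versus what is shown, and '@' in the address) can be automated. The following is an added example, not Trend Micro's code; the expected domain `adobe.com`, the function names and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

EXPECTED_DOMAIN = "adobe.com"  # assumption: the vendor domain the user expects


def is_under(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)


def check_link(shown_text, href, expected=EXPECTED_DOMAIN):
    """Return warnings for one link, given its visible text and real target."""
    warnings = []
    parts = urlsplit(href)
    host = (parts.hostname or "").lower()

    # '@' tip: text before '@' in the authority is only userinfo, so the
    # browser connects to whatever host follows the '@'.
    if "@" in parts.netloc:
        warnings.append(f"'@' in address: real host is {host}")

    # Spelling tip: the host must be the expected domain or a subdomain of it;
    # lookalikes such as "adobe-flashplayer.example" fail this test.
    if not is_under(host, expected):
        warnings.append(f"host {host} is not under {expected}")

    # Hover tip: when the visible text is itself a URL, it should name the
    # same host the link really points to.
    shown = shown_text.strip().lower()
    if "://" in shown or shown.startswith("www."):
        shown_url = shown if "://" in shown else "//" + shown
        shown_host = urlsplit(shown_url).hostname or ""
        if shown_host != host:
            warnings.append(f"text shows {shown_host}, link goes to {host}")
    return warnings


if __name__ == "__main__":
    # Constructed sample links (not taken from the Trend Micro report).
    samples = [
        ("Get Flash Player", "https://get.adobe.com/flashplayer/"),
        ("www.adobe.com", "http://www.adobe.com@downloads.example.net/install.exe"),
        ("Download", "http://www.adobe-flashplayer.example/get"),
    ]
    for text, href in samples:
        print(href, "->", check_link(text, href) or "ok")
```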
About Trend Micro:
Trend Micro Incorporated, a global leader in Internet content security, focuses on securing the exchange of digital information for businesses and consumers. A pioneer and industry vanguard, Trend Micro is advancing integrated threat management technology to protect operational continuity, personal information, and property from malware, spam, data leaks and the newest Web threats. Visit TrendWatch at http://us.trendmicro.com/us/trendwatch/ to learn more about the latest threats. Trend Micro’s flexible solutions, available in multiple form factors, are supported 24/7 by threat intelligence experts around the globe. Many of these solutions are powered by the Trend Micro Smart Protection Network, a next generation cloud-client content security infrastructure designed to protect customers from Web threats. A transnational company, with headquarters in Tokyo, Trend Micro’s trusted security solutions are sold through its business partners worldwide. Please visit www.trendmicro.com.
For more information please contact:
Public Relations Consultant, Core & Peak Co., Ltd.
Bussakorn Sonthikorn Tel +66 (0) 2439 4600 ext. 8202 e-mail [email protected]
Srisuput Siangyen Tel +66 (0) 2439 4600 ext. 8303 e-mail [email protected]