Feeds

Trojan poses as Adobe update utility

Be careful what you invite in

Remote control for virtualized desktops

Miscreants have begun creating malware that overwrites software update applications from Adobe and others.

Email malware that poses as security updates from trusted companies is a frequently used hacker ruse. Malware posing as update utilities, rather than individual updates, represents a new take on the ruse.

Vietnam-based anti-virus firm Bkis said the tactic is a logical follow-on from earlier approaches where viruses replace system-files and startup-program files.

Nguyen Minh Duc, director of Bkis Security, writes that the recently detected Fakeupver trojan establishes a backdoor on compromised systems while camouflaging its presence by posing as an Adobe update utility. The malware camouflages itself by using the same icons and version number as the official package.

Variants of the malware also pose as updaters for Java and other software applications.

Duc explains: "From analysis, we found that malware is written in Visual Basic, faking such popular programs as Adobe, DeepFreeze, Java, Windows, etc. In addition, on being executed, they immediately turn on the following services: DHCP client, DNS client, Network share and open port to receive hacker’s commands." ®

Intelligent flash storage arrays

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Business security measures using SSL
Examines the major types of threats to information security that businesses face today and the techniques for mitigating those threats.