8/30/2006 - It can also download the Ruins.MB Trojan, which installs other malicious programs on the computer or continuously launches a casino application.
PandaLabs has detected the appearance of Zcodec, a new malicious program which uses a rootkit to hide its malicious actions. It also alters Internet search results and installs other malicious code on the system.
Zcodec is included in a program that supposedly installs the codecs needed to play a certain multimedia format. When users are about to install this application, a user license window is displayed. However, no codec is installed, and the program does not wait for users to accept or reject the license agreement, because when they click on the downloaded file, Zcodec is installed on the computer.
Once on the system, a rootkit (a program designed to hide processes, files or registry entries) is installed so that users cannot see which files are being run. In this way, Zcodec installs two executable files. The first of these modifies the DNS settings on the compromised computer so that when a user clicks on results returned from search engines such as Google, a different page is displayed. This tactic is exploited by the creators of the program in order to profit from pay-per-click systems, or even to redirect users to pages designed to steal confidential data.
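A defender can check for this kind of DNS tampering by comparing the resolvers configured on each network adapter with the ones the network is supposed to use. The Python code below is an added example, not part of the original release: it parses English-locale `ipconfig /all` output, and the sample output, adapter names and allowlist are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of English-locale `ipconfig /all` output (not from the page).
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       192.168.1.2

Wireless LAN adapter Wi-Fi:

   DHCP Enabled. . . . . . . . . . . : No
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       192.168.1.1
"""
# Assumption: the resolvers this network is supposed to use.
EXPECTED_RESOLVERS = {"192.168.1.1", "192.168.1.2"}

ADAPTER_RE = re.compile(r"^(\S.*adapter .+):\s*$")
FIELD_RE = re.compile(r"^\s+(.+?)[ .]+:(?: (.*))?$")  # "Label . . . : value"

def parse_dns_servers(text):
    """Return {adapter: [DNS servers]}, following continuation lines."""
    result, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        header, field = ADAPTER_RE.match(line), FIELD_RE.match(line)
        if header:
            adapter, in_dns = header.group(1), False
            result[adapter] = []
        elif field:
            in_dns = bool(adapter) and field.group(1) == "DNS Servers"
            if in_dns and field.group(2):
                result[adapter].append(field.group(2).strip())
        elif in_dns and line.strip():
            result[adapter].append(line.strip())  # extra server on its own line
        else:
            in_dns = False  # blank or unrelated line ends the DNS list
    return result

def unexpected_resolvers(text, expected=EXPECTED_RESOLVERS):
    """Return (adapter, server) pairs whose resolver is not on the allowlist."""
    allowed = {ipaddress.ip_address(a) for a in expected}
    return [(adapter, server)
            for adapter, servers in parse_dns_servers(text).items()
            for server in servers
            if ipaddress.ip_address(server.split("%")[0]) not in allowed]

if __name__ == "__main__":
    for adapter, server in unexpected_resolvers(SAMPLE_IPCONFIG):
        print(f"{adapter}: unexpected DNS server {server}")
```

A statically configured resolver that differs from what DHCP hands out is not proof of infection, but it is a setting worth explaining before the machine is trusted again.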
The second executable file can take one of two different actions, chosen at random. In some cases it installs the Ruins.MB Trojan, designed to download other malicious programs onto the system. On other occasions, the file continually launches a casino application, asking for the user’s permission to install it. However, even if the user rejects installation of the program, an icon is created on the Windows desktop which, when clicked, will prompt installation.
“The combination of different techniques is becoming a frequent trait of computer attacks. In this case we see social engineering, rootkits, Trojans and even the manipulation of computer settings. The aim of the creators is to infect computers without arousing suspicion. Given that there are many such malicious programs on the Internet, it is vital to protect systems with a good antivirus, which objectively scans each file on the computer,” explains Luis Corrons, director of PandaLabs.
To protect against this type of malicious program, in addition to having an up-to-date antivirus that combines reactive and proactive technologies to detect known and unknown threats, it is also essential to check the source of any files downloaded onto the system as well as to pay close attention to the license agreements when installing programs.
To help as many users as possible scan and disinfect their systems, Panda Software offers its free, online anti-malware solution, Panda ActiveScan, which now also detects spyware, at http://www.activescan.com. Webmasters who would like to include ActiveScan on their websites can get the HTML code, free from http://www.pandasoftware.com/partners/webmasters/.
For further information about these and other computer threats, visit Panda Software's Encyclopedia.
About PandaLabs
Since 1990, PandaLabs’ mission has been to analyze new threats as soon as possible to ensure that our clients are safe. Several teams specialized in each specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc.) work 24x7 to offer global coverage. To do this they are supported by TruPrevent™ Technologies, a truly global early warning system made up of sensors that are strategically distributed and neutralize new threats and send them to PandaLabs for in-depth analysis. According to AV-Test.org, PandaLabs is the fastest in the industry to offer complete updates (more information at www.pandasoftware.com/pandalabs.asp).
Oxygen3 24h-365d
by Panda Software