Apr 24
1:56 am (UTC-7)   |   by Jasper Pimentel (Advanced Threats Researcher)

We’ve just spotted another “security website” that offers to help users get rid of spyware plaguing their systems. In reality, however, this website does nothing but trick the user into installing an adware application on their system.

Although the website doesn’t automatically download the rogue application, it does a fairly good job of tricking users into downloading it themselves.
Similar to the numerous ZLOB-carrying codec websites that proliferated during 2006, this one plays on the unsuspecting user’s gullibility regarding security applications. Click on any of the download links and the file malwarealarmsetup.exe is downloaded to your system. When this file is executed, it displays the usual dialog boxes used by the installation packages of legitimate applications, even displaying the standard EULA text.

An appropriate solution for this threat is already underway, and it will be detected as ADW_SPYSHERIF.BG. As a word of caution, do not download or install anything that this website offers.




© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice