If you need to download a Shockwave player to view some animation-laden, rich multimedia content on the web, you’d probably download the player from one of the two websites depicted below. Question: from which one are you going to download?

We’ve raised this question because of a new report regarding a fake Adobe Shockwave Player download site. Yes, one of the website depicted above is a fake one, supposedly hosting a Trojan that Trend detects as TROJ_DROPPER.HRZ. So instead of installing Shockwave Player, the unsuspecting user would end up installing a Trojan and compromising his system. As for their social engineering tactic, the perpetrators behind this malware take advantage of the ordinary user’s naivetÃ?©. The apparent likeness of the fake website in comparison to the real one is aimed to capture the user’s trust and to lure him into clicking that download link. Furthermore, it doesn’t even allow the user to view the page’s HTML source, although in a limited way. The fake website contains a javascript code that denies access to the context (popup) menu, done by disabling the right mouse click. However, the HTML source can still be viewed by selecting View and then Source from the main menu in Internet Explorer.




Similar incidents have happened in the past, most recently a fake Winrar download site. Just in case you’re still wondering which one is the fake website, it’s the one at the top