Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    November 2012
    S M T W T F S
    « Oct   Dec »
     123
    45678910
    11121314151617
    18192021222324
    252627282930  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for November 27th, 2012




    Because of its promise of improved feature and security, Windows 8 is naturally making waves in the tech industry and among ardent Windows users. Unfortunately, we are all too aware of the pitfalls of popularity when it comes to online security. It’s just a matter of time before cybercriminals will take advantage of Windows 8′s popularity.

    We got hold of two samples that are packaged as key generator apps for Windows 8, which are available on http://{BLOCKED}en2eqqh2.cloudfront.net. Key generators are used to generate serial numbers and are typically used for bootleg copies of a paid software. Based on our analysis, the apps we’ve found are malicious. Trend Micro detects these as ADW_SOLIMBA and JOKE_ARCHSMS respectively.

    When executed, ADW_SOLIMBA displays a fake message informing users to click ‘OK’ to download Windows 8 via the web browser. On the other hand, JOKE_ARCHSMS purports as a Windows 8 activator. Similar to ADW_SOLIMBA, JOKE_ARCHSMS also displays images to trick users into thinking that they can activate Windows once they have sent an SMS to a certain number. In addition, it also connects to the following URLs for click fraud:

    • http://{BLOCKED}rchant.net/api/open.php?aid=2102499&v
    • http://{BLOCKED}rchant.net/50qjpr21e2bd/2102499/

    Read the rest of this entry »

     
    Posted in Bad Sites, Malware | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice