Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    If users wanted to download WinRAR, the popular archiver tool to process RAR and ZIP files, where would they go? Chances are, they’d type in the name of the tool itself and just add .com ( in their browser’s address bar. Unbeknownst to them, however, the said site is not the official site from which the legitimate tool could be downloaded–that would be, actually.

    TrendLabs has just received reports on how unsuspecting users could end up downloading malware, instead of WinRAR, onto their systems. When they try to click on the “Free Software Downloads” button in (as seen below), they would be led to another page where they are prompted to click on “Download Winrar”.


    When they click on “Download Winrar”, a link to {BLOCKED} would appear. Finally, another Web page, wholly in French, would display 11 supposed versions of WinRAR:


    In truth, these are 11 files that are all detected by Trend Micro as TROJ_STARTPA.QC.

    What is yet unclear is if the said site, which looks very professionally done, has been hacked or was purposely loaded with a Trojan to deceive would-be users of WinRAR. Updates to be posted soon.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice