Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    December 2014
    S M T W T F S
    « Nov    
     123456
    78910111213
    14151617181920
    21222324252627
    28293031  
  • Email Subscription

  • About Us

    Cybercriminals have long used videos as a lure to get unknowing users to download and install malware onto their systems. Recently, however, a new variant came up that differs just a little from the usual modus operandi.

    TROJ_SMALL.UY, at first glance, appears to be a fairly standard malware that’s installed by claiming it’s needed for a video. There’s one difference, though: TROJ_SMALL.UY, which poses as an installer for Adobe Flash Player, does appear to actually install Adobe Flash Player.

    In fact, TROJ_SMALL.UY goes to a fair amount of trouble to look like a legitimate program. Consider, first of all, the page where it can be downloaded from:

    Click for larger view

    Whoever was behind this Trojan went to a lot of effort to replicate the look and feel of the real Adobe site, and even used a domain name very close to the word Adobe.

    The same is true for the installer:

    Similarly, some effort has been made here to replicate a legitimate Windows installer. It wouldn’t be too hard to conclude that this was a legitimate installer for Adobe Flash Player. It even adds an uninstaller in the Control Panel, after all!

    While TROJ_SMALL.UY may indeed install Adobe Flash Player, something extra is along for the party: it also drops a DLL file that’s detected as TROJ_DLOADER.ZEK. As this is a Trojan downloader, as a practical matter this means that the field is wide open to any malware threat.

    While the website hosting this modified Flash Player is already blocked through the Smart Protection Network, it’s doubtful this is the last we’ll see of this particular threat.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice