Friday, January 18, 2013

Nasty Trojan Posing as Bogus Java "Update 11" Patch

Warning: Malware Poses as Java UpdateOn the hunt for the latest Java update?

Make sure you download it from a reliable source, like say, and not some random third-party website.

TrendMicro found at least one website peddling malware disguised as a fake “Java Update 11” update.

The threat in question is a nasty Trojan detected as JAVA_DLOADER.NTW that’s delivered as a file named javaupdate11.jar.

The bogus update file, Javaupdate11.jar, contains javaupdate11.class, which downloads and executes two malicious files:

Once executed, BKDR_ANDROM.NTW will open a backdoor on the infected system to grant remote access to an attacker.

Users are more likely to notice TSPY_KEYLOG.NTW, though, as it will download ransomware (TROJ_RANSOM.ACV) that will attempt to lock the affected machine and demand payment from the end-user to regain access.

Steer Clear of Fake Java Updates!

It’s important to note that this malware does not exploit any Java-related vulnerabilities: it requires user-interaction to make its way onto a PC. So, you should be safe as long as you:

  • Download Java updates directly from Oracle on, or simply use Java’s built-in update mechanism to download and install updates.

  • Do not download Java updates from random websites.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

No comments:

Post a Comment