Wednesday, April 24, 2013

Malware Distributed from Phony SourceForge Website

TrojanMake sure you double-check the URL in your browser’s address bar or dialog window before downloading files online.

Zscaler researchers discovered that cybercriminals were taking advantage of the trusted reputation of SourceForget[.net] by distributing malware through a similar domain, sourceforgetchile.net.

The malicious file analyzed by Zscaler, minecraft_1.3.2.exe, was posing as a file associated with the popular game, Minecraft as the name suggests.

In reality, the executable file was a piece of malware closely related to the ZeroAccess Trojan that, upon a successful infection, will hide in the Recycle bin, inject malicious code into running processes, recruit the computer into a botnet, and generate revenue for its operators by part-taking in click fraud.

Thankfully this threat has a high detection rate (32/46), according to a VirusTotal report. So in the event that you downloaded the Trojan, you can perform a full system scan using one of the many AV programs capable of finding & removing it.

Aside from that, stay vigilant & always double-check the URL before clicking 'Download'.

[via Zscaler]

No comments:

Post a Comment