On the hunt for the latest Java update?Make sure you download it from a reliable source, like say, java.com and not some random third-party website.
TrendMicro found at least one website peddling malware disguised as a fake “Java Update 11” update.
The threat in question is a nasty Trojan detected as JAVA_DLOADER.NTW that’s delivered as a file named javaupdate11.jar.
The bogus update file, Javaupdate11.jar, contains javaupdate11.class, which downloads and executes two malicious files:
- up1.exe (detected as BKDR_ANDROM.NTW)
- up2.exe (detected as TSPY_KEYLOG.NTW)
Once executed, BKDR_ANDROM.NTW will open a backdoor on the infected system to grant remote access to an attacker.
Users are more likely to notice TSPY_KEYLOG.NTW, though, as it will download ransomware (TROJ_RANSOM.ACV) that will attempt to lock the affected machine and demand payment from the end-user to regain access.
Steer Clear of Fake Java Updates!
It’s important to note that this malware does not exploit any Java-related vulnerabilities: it requires user-interaction to make its way onto a PC. So, you should be safe as long as you:
- Download Java updates directly from Oracle on java.com, or simply use Java’s built-in update mechanism to download and install updates.
- Do not download Java updates from random websites.
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+
No comments:
Post a Comment