Fake updates install backdoors


Our good friends at Bkis, a security firm based in Hanoi, Viet Nam, have written about an interesting malcode lure: Trojans masquerading as updates for popular applications such as Adobe, Java or Windows.

The fake updates are distributed with icons of the application they’re impersonating.

Analyst Nguyen Cong Cuong wrote: “In addition, on being executed, they immediately turn on the following services: DHCP client, DNS client, Network share and open port to receive hacker’s commands.”

As a countermeasure, it would be a good idea to ignore any email you receive with a link or attachment that claims to be an update. Instead, use the “updater” or “check for updates” menu choice in the application or Windows implementation that’s installed on your machine.

Bkis blog piece here.
