A HijackThis Toolbar from Facebook?

less than 1 minute read

Spam emails such as the one below have been doing the rounds on the Internet hoping to lure recipients into downloading a Facebook toolbar.

jh_fb_img1_0

If you download the file by clicking on “Download Here”, you’ll see a file with the icon shown below:

jh_fb_img2

If you take a closer look at the icon, “darkSector” is shown inside of it.  How strange. Is this actually a Facebook toolbar?  Let’s take a look at the property of the file since the file looks a bit fishy.  In the file properties, you’ll see the following in the Details tab.

jh_fb_img3

The details mentioned here are for a program called HijackThis (a security software) provided by Trend Micro. This is even stranger.

Well, the file is neither a Facebook toolbar nor HijackThis.  It’s a malware detected by Symantec software as Trojan.Dropper.

Whenever you come across oddities like this, you can take similar steps to check if something could potentially have malicious intentions.  This particular attack didn’t go out of its way to disguise itself, but many do.  So to be sure about the legitimacy of an email or web site, you should always check with your trusted source for security information.

Leave a comment