Windows 7 compatibility checker turns out to be a Trojan

May 2010 Cyber Security

A deceptive 'help' message invites recipients to check their PCs’ compatibility with Windows 7 by downloading and running an altered version of Windows 7 Upgrade Advisor concealing a Trojan.

Cybercriminals are well known for their predilection to spot and bank on people’s interest in what is hot in the e-world. Operating systems and their latest developments are classic honey pots and it is practically impossible to miss their potential as baits for illicit gains.

With Windows 7, the latest version of Microsoft Windows,  reaching general retail availability on October 2009, it was just a matter of time before malware creators rose to the occasion, and exploited users' eagerness  to install it on their PCs.

These kind of success stories cannot exclusively rely on sheer luck, so a little bit of planning is mandatory. Here is how the plot line goes this time: a 'disinterested helping hand' type of e-mail reaches Windows users’ Inboxes and recommends that they download Windows 7 Upgrade Advisor Setup This piece of software supposedly allows them to see if their system resources could support the new OS. All they have to do is open the attached .zip file.

Figure. 1. The fake Windows 7 compatibility check message
Figure. 1. The fake Windows 7 compatibility check message

Instead of the promised compatibility checking tool, the zip file hides Trojan.Generic.3783603. This piece of malware contains malicious or potentially unwanted software which it drops and installs on the system. Frequently, it installs a backdoor which allows remote, clandestine access to the infected system. This backdoor may then be used by cybercriminals to upload and install additional malicious or potentially unwanted software on the captured system.

Figure 2. Trojan.Generic.3783603 is exposed
Figure 2. Trojan.Generic.3783603 is exposed

The infection rates reflected by the BitDefender real-time virus reporting system indicate the beginning of a massive spreading of Tojan.Generic.3783603. Although this phenomenon has just started, it seems that it is just a matter of time before the cybercriminals control a huge number of systems. Infection rates are also expected to boom because of the effective social engineering ingredient of this mechanism, namely the reference to the highly popular Microsoft Windows OS.

In order to stay safe, BitDefender recommends that you never open the attachments coming from unknown contacts and that you install and update a complete antimalware software solution. To always stay on the safe side of things, make sure you download the software you need from the official vendor’s website.

For more information contact Alina Anton, senior PR & marketing coordinator, EMEA & APAC Business Unit, +40 212 063 470, aanton@bitdefender.com, www.bitdefender.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Exploiting the global pandemic
Issue 7 2020 , Cyber Security
Cyber criminals targeting remote work to gain access to enterprise networks and critical data reports FortiGuard Labs.

Read more...
Integrated security is key to Huawei Mobile Services
Issue 7 2020 , Cyber Security
To ensure sufficient mobile device security, the technology giant incorporates security into its chip, device and cloud capabilities.

Read more...
Cybersecurity becomes key enabler of sustainable business growth
Issue 7 2020 , Cyber Security
The adoption of rushed digital transformation strategies has left many facing unintended complexities and challenges.

Read more...
Challenges healthcare is facing
Issue 6 2020 , Cyber Security
The healthcare industry has been forever changed by digital transformation, but cybercriminals are targeting the healthcare sector now more than ever.

Read more...
Secure IoT devices and networks
Issue 6 2020, Technews Publishing , Cyber Security
Check Point Software’s IoT Protect solution secures IoT devices and networks against the most advanced cyber-attacks.

Read more...
SentinelOne Protects the AA
Issue 6 2020 , Cyber Security
National provider of 24-hour motorist assistance stays on the road thanks to accelerated, AI-powered threat prevention, detection and response.

Read more...
Protecting database information
Issue 6 2020 , Cyber Security
SearchInform has officially released Database Monitor, a solution for the protection of information stored in databases.

Read more...
Work from home securely
Issue 5 2020 , Cyber Security
First Consulting provides enterprise-level IT security to working-from-home employees at more than 40 South African organisations.

Read more...
Agility, meticulous alignment and testing
Issue 5 2020 , Cyber Security
Data loss can put the nails in the coffin for unprepared businesses. Investing in cyber resilience is key to succeed in the age of digital transformation.

Read more...
Cybersecurity comment: A holistic approach to threat vulnerability
Issue 5 2020 , Cyber Security
Any organisation, whether large or small, public or private, should follow an established framework in order to protect itself against cyber threats.

Read more...