Windows 7 compatibility checker turns out to be a Trojan

May 2010 Cyber Security

A deceptive 'help' message invites recipients to check their PCs’ compatibility with Windows 7 by downloading and running an altered version of Windows 7 Upgrade Advisor concealing a Trojan.

Cybercriminals are well known for their predilection to spot and bank on people’s interest in what is hot in the e-world. Operating systems and their latest developments are classic honey pots and it is practically impossible to miss their potential as baits for illicit gains.

With Windows 7, the latest version of Microsoft Windows,  reaching general retail availability on October 2009, it was just a matter of time before malware creators rose to the occasion, and exploited users' eagerness  to install it on their PCs.

These kind of success stories cannot exclusively rely on sheer luck, so a little bit of planning is mandatory. Here is how the plot line goes this time: a 'disinterested helping hand' type of e-mail reaches Windows users’ Inboxes and recommends that they download Windows 7 Upgrade Advisor Setup This piece of software supposedly allows them to see if their system resources could support the new OS. All they have to do is open the attached .zip file.

Figure. 1. The fake Windows 7 compatibility check message
Figure. 1. The fake Windows 7 compatibility check message

Instead of the promised compatibility checking tool, the zip file hides Trojan.Generic.3783603. This piece of malware contains malicious or potentially unwanted software which it drops and installs on the system. Frequently, it installs a backdoor which allows remote, clandestine access to the infected system. This backdoor may then be used by cybercriminals to upload and install additional malicious or potentially unwanted software on the captured system.

Figure 2. Trojan.Generic.3783603 is exposed
Figure 2. Trojan.Generic.3783603 is exposed

The infection rates reflected by the BitDefender real-time virus reporting system indicate the beginning of a massive spreading of Tojan.Generic.3783603. Although this phenomenon has just started, it seems that it is just a matter of time before the cybercriminals control a huge number of systems. Infection rates are also expected to boom because of the effective social engineering ingredient of this mechanism, namely the reference to the highly popular Microsoft Windows OS.

In order to stay safe, BitDefender recommends that you never open the attachments coming from unknown contacts and that you install and update a complete antimalware software solution. To always stay on the safe side of things, make sure you download the software you need from the official vendor’s website.

For more information contact Alina Anton, senior PR & marketing coordinator, EMEA & APAC Business Unit, +40 212 063 470, aanton@bitdefender.com, www.bitdefender.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Cyber futures in 2020
Issue 1 2020 , Cyber Security
MJ Strydom, managing director of cybersecurity specialist company, DRS, discusses what can be expected in 2020.

Read more...
Seven security trends for 2020
Issue 1 2020 , Cyber Security
What challenges await the security professional in 2020? Lukas van der Merwe looks at the trends for the year ahead.

Read more...
Security is not a single product solution
Issue 1 2020 , Cyber Security
Adopting a phased approach to security allows companies to develop a layered security posture to help control costs as well as the complexity.

Read more...
From physical security to cybersecurity
Access & Identity Management Handbook 2020, Genetec , Cyber Security, Security Services & Risk Management
Genetec discusses the security-of-security concept as a means to protect cameras, door controllers and other physical security devices and systems against cybercriminal activity.

Read more...
Minding the gaps to protect industrial PLCs from cyber threats
November 2019, AVeS Cyber Security , Cyber Security
PLCs, designed to control machinery and specific processes, were never built with cybersecurity threats in mind and protecting PLCs against these threats requires healthy isolation from the Internet.

Read more...
African trust centre launches cyber division
November 2019 , Cyber Security
Advancing cybersecurity to more stringent heights, LAWtrust has launched a new division focusing on cybersecurity services to complement its identity, encryption and digital signature offerings.

Read more...
What are the cybersecurity issues in video surveillance?
November 2019, Axis Communications SA , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Cyber Security
he importance of the data captured by surveillance cameras – and what can be done with it – has led to a new breed of cybercriminals, looking for insights to steal and sell.

Read more...
Protecting the outer perimeter with cloud services
November 2019 , Cyber Security
Business leaders now have a choice whether they want to continue using their trusted firewall or move to a next-generation firewall delivered by appliances or as cloud services.

Read more...
Information security outsourcing service
November 2019, Condyn , Cyber Security
SearchInform launches information security outsourcing service for companies that face the problem of corporate fraud and data leakage.

Read more...
Block threats before they target your business
November 2019 , Cyber Security
The antivirus solutions of a decade ago are woefully inadequate weapons in the fight against today’s complex threats.

Read more...