Malware That Alters Search Results
Chris Crum Staff Writer
2006-08-30
There is a new malicious program on the loose, which incorporates a rootkit. It is called Zcodec, and it can change search results as well as install other things.
Panda Software Labs issued a press release regarding this threat, which comes in a program that is supposed to install codecs for playing multimedia files. Unfortunately, it delivers something else entirely. Panda explains:
When users are about to install this application, a user license window is displayed. However, no codec is installed, and the program does not wait for users to accept or reject the license agreement, as when they click on the downloaded file, Zcodec is installed on the computer.
Once installed, a rootkit (a program designed to hide processes, files or registry entries) is installed. Zcodec installs two executable files. The first modifies the DNS settings so that when a user clicks on results from search engines (such as Google(TM)), a different page is displayed. This tactic is exploited by the program's creators to profit from pay-per-click systems, or even to redirect users to pages designed to steal confidential data.
The second executable can have one of two actions executed at random. In some cases it installs the Ruins.MB Trojan. This is designed to download other malicious programs on the system. On other occasions, the file continually launches a casino application, asking for the user's permission to install. However, even if the user rejects installation of the program, an icon is created on the Windows desktop which, when clicked, will prompt installation. They're getting sneakier and sneakier, aren't they?
Panda CTO Patrick Hinojosa had this to say regarding the threat:
"The combination of different techniques is becoming a frequent trait of computer attacks. In this case we see social engineering, rootkits, Trojans and even the manipulation of computer settings. The aim of the creators is to infect computers without arousing suspicion. Given that there are many such malicious programs on the Internet, it is vital to make sure your system is protected."
About the Author:
Chris Crum is a staff writer for SecurityProNews and WebProNews.