Fake AV Software Updates Are Distributing Malware

Fake AV Software Updates Are Distributing Malware - Symantec Security Response

A new social engineering spam campaign attempts to trick users into running malware on their computers. Malware authors use various methods, including emails that pretend to be from various antivirus software companies, claim that an important system update must be installed by the end user, and attach a fake hotfix patch file for the antivirus software.

The email plays on end user concern over the lack of detection, especially in the face of the latest threats showcased in the media recently, such as the Cryptolocker Trojan. This type of social engineering entices users to open and install the hotfix without realising what they are installing.

Symantec has observed a number of different email subject lines that include many well-known antivirus software companies (see image):
• AntiVir Desktop: Important System Update - requires immediate action
• Avast Antivirus: Important System Update - requires immediate action
• AVG Anti-Virus Free Edition: Important System Update - requires immediate action
• Avira Desktop: Important System Update - requires immediate action
• Baidu Antivirus: Important System Update - requires immediate action
• Cloud Antivirus Firewall: Important System Update - requires immediate action
• ESET NOD32 Antivirus: Important System Update - requires immediate action
• Kaspersky Anti-Virus: Important System Update - requires immediate action
• McAfee Personal Firewall: Important System Update - requires immediate action
• Norton AntiVirus: Important System Update - requires immediate action
• Norton Internet Security: Important System Update - requires immediate action
• Norton 360: Important System Update - requires immediate action
• Symantec Endpoint Protection: Important System Update - requires immediate action
• Trend Micro Titanium Internet Security: Important System Update - requires immediate action

Although the subject line changes, the attached zip file containing the malicious executable stays the same. Once the malware is executed, a connection is made to networksecurityx.hopto.org to download another file. The malware uses a process called ozybe.exe to perform tasks.
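
A mail-triage check for the pattern described above, written as an added example (it is not code from Symantec or from the original article). It flags a message only when the lure subject quoted on this page arrives together with a zip attachment that contains an executable; the function names, the extension list and the sample messages are assumptions constructed for illustration.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Lure quoted on the page: "<product>: Important System Update - requires immediate action"
LURE_SUBJECT = re.compile(r":\s*Important System Update\s*-\s*requires immediate action\s*$", re.I)
EXEC_EXT = (".exe", ".scr", ".com", ".pif")  # assumption: extensions treated as executable


def zip_executables(data: bytes) -> list[str]:
    """Return names of executable-looking members of a zip attachment."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [n for n in zf.namelist() if n.lower().endswith(EXEC_EXT)]
    except zipfile.BadZipFile:
        return []


def triage(raw: bytes) -> dict:
    """Flag a message that pairs the lure subject with a zip holding an executable."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject_hit = bool(LURE_SUBJECT.search(msg["Subject"] or ""))
    exes = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(".zip") or part.get_content_type() == "application/zip":
            exes += zip_executables(part.get_payload(decode=True) or b"")
    return {"subject_hit": subject_hit, "executables": exes,
            "quarantine": subject_hit and bool(exes)}


def build_sample(subject: str, member: str) -> bytes:
    """Constructed test message: a zip attachment with one harmless member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"placeholder bytes, not a real program")
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", subject
    msg.set_content("Please install the attached hotfix.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="hotfix.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    lure = "Norton 360: Important System Update - requires immediate action"
    print(triage(build_sample(lure, "hotfix_patch.exe")))
    print(triage(build_sample("Quarterly report", "report.txt")))
```

Matching on the fixed part of the subject rather than on a product name covers all of the listed variants, and requiring the attachment check as well keeps ordinary update notices out of quarantine.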

Symantec recommends
The Skeptic scanner of Symantec Email Security.cloud can block this and similar emails before they even reach the end user. In addition, Symantec detects the files associated with this attack using the following signature names:
• Trojan.Gen
• Trojan.Zbot
• WS.Viral.1

Symantec advises following best practices to avoid becoming a victim of social engineering spam attacks:
• Do not click on suspicious links in email messages.
• Do not open any attachments from senders you do not know or do not expect an attachment from.
• Do not provide any personal information when replying to an email.
• Use comprehensive security software, such as Norton Internet Security or Norton 360, which protects you from phishing and social networking scams.
• Exercise caution when clicking on enticing links sent through email or posted on social networks.

Read the full Symantec Security Response blog:
http://www.symantec.com/connect/blogs/fake-av-software-updates-are-distributing-malware


ENDS

© Scoop Media
