Panda Software Reports a New Malicious Program Alters Internet Search Results and Uses a Rootkit to Hide Itself
31 August 2006
Panda Software Labs has detected the appearance of Zcodec, a new malicious program which incorporates a rootkit. It also alters Internet search results and installs other malicious codes.
Zcodec is included in a program that supposedly installs codecs needed to play a certain multimedia format. When users are about to install this application, a user license window is displayed. However, no codec is installed, and the program does not wait for users to accept or reject the license agreement, as when they click on the downloaded file, Zcodec is installed on the computer.
Once installed, a rootkit (a program designed to hide processes, files or registry entries) is installed. Zcodec installs two executable files. The first modifies the DNS settings so that when a user clicks on results from search engines (such as Google(TM)), a different page is displayed. This tactic is exploited by the programs creators to profit from pay-per-click systems, or even to redirect users to pages designed to steal confidential data.
The second executable can have one of two executed at random. In some cases it installs the Ruins.MB Trojan. This is designed to download other malicious programs on the system. On other occasions, the file continually launches a casino application, asking for the user's permission for install. However, even if the user rejects installation of the program, an icon is created on the Windows desktop which when clicked, will prompt installation.
"The combination of different techniques is becoming a frequent trait of computer attacks. In this case we see social engineering, rootkits, Trojans and even the manipulation of computer settings. The aim of the creators is to infect computers without arousing suspicion. Given that there are many such malicious programs on the Internet, it is vital to make sure your system is protected," explains Patrick Hinojosa, CTO, Panda Software USA.
"To protect against this type of malicious program, it is also essential to check the source of any files downloaded onto the system as well as to pay close attention to the license agreements when installing programs. Users should also make sure that they are running up-to-date antivirus which combines reactive and proactive technologies that detect known and unknown threats," continued Hinojosa
To help as many users as possible scan and disinfect their systems, Panda Software offers its free, online anti-malware solution, Panda ActiveScan, which now also detects spyware, at http://www.activescan.com. Webmasters who would like to include ActiveScan on their websites can get the HTML code, free from http://www.pandasoftware.com/partners/webmasters/
For further information about these and other computer threats, visit Panda Software's Encyclopedia.
About Panda Software
Make sure your computer is free from viruses, spyware and other Internet threats using the free online solution Panda ActiveScan http://www.activescan.com.
Panda Software (http://www.pandasoftware.com) is a leading developer and provider of integrated security solutions to combat viruses, hackers, Trojans, spyware, phishing, spam and other Internet-borne threats. With the revolutionary TruPrevent(TM) Technology, Panda Software's innovative solutions offer a greater return on investment, keeping clients protected even against new threats that have yet to be identified. Panda Software Labs, the fastest laboratory in the industry to provide complete updates to users, offers a worldwide response to malware 24 hours a day, 7 days a week, all year round.
Panda Software's centrally-managed security solutions protect servers, and gateways and all network entry points, ensuring a straightforward and highly effective line of defense against Internet threats for large organizations, SMBs and consumers. Panda solutions are backed by a team of expert support technicians in all countries where the company is present. Tech support services are available 24 hours a day, seven days a week.
Find out more about the company at:
http://www.pandasoftware.com/about_panda/companyprofile/15years.asp
For more information and evaluation versions of all Panda Software solutions, visit our website at: http://www.pandasoftware.com/
To access the latest Panda Software press releases, please visit http://onlinepressroom.net/panda.
For more information:
Carolina Sanabria
Public Relations Manager
Panda Software, USA
Tel: 818-543-6909
pr@pandasecurity.com
Source: prnewswire
All trademarks and copyrighted information contained herein are the property of their respective owners.
Related Articles
|
