Saturday, November 3, 2007

Fresh Pack of Zlob Trojan distributing sites

Fresh Pack of Zlob Trojan distributing sites
Few new codec sites distributing Zlob trojans.
zsvcompany(dot)com
bcnproduction(dot)com
mojtechnology(dot)com
vaulimited(dot)com

Typically the download form these sites pretends as a video codec\Image codec for viewing porn on-line but instead installs Zlob trojan\DNS changer trojan on the system.

Usually some porn sites display a message stating that you need to download a special codec to view the porn on-line. Once the user accepts to install the codec the Trojan starts performing its dirty task of downloading Adware’s nagging the users with fake security warning messages.

The fake security warning message informs the user that the system is infected and is vulnerable to Trojan attacks luring the user into running a scan or downloading a security application to remove the infection. The application that the Trojan suggests will definitely be rogue security application.

The main cause of the Zlob Trojan is to goad users into purchasing Rogue security application. New rogue security application and Zlob developers deploy new installer and jump domains constantly in order to prevent the anti-spyware \malware \virus application from detecting them.

Till now the scammers are successful in winning the battle against the Security provided by the anti-malware \spyware \virus products.

Be a bit cautious about the thing you are downloading on a porn site. Always prevention is better than cure.

Bharath MN

blog comments powered by Disqus