First malware seen overwriting an application updater, found disguised as the Adobe Updater
Security researchers have spotted a piece of malicious code that does something not seen before.
The malware replaces the update components of certain applications. Until now, malware has not made a practice of overwriting these programs.
Only computers running Windows are affected. The malware disguises itself as an updater for Adobe products or for Java. One variant mimics Adobe Reader version 9 and overwrites AdobeUpdater.exe, the component whose job is to connect periodically to Adobe's servers and check whether a new version is available.
Once installed on an infected machine, the malware sets up a DHCP (Dynamic Host Configuration Protocol) client, DNS (Domain Name System) resolution and a network share, and opens a port through which it receives commands.
According to an expert at Trend Micro, a good antivirus product should detect this threat. He also points out that infected computers remain altered even after the malware has been removed: they lose the automatic update function of whichever software was affected, which exposes the machine to other threats if patches cannot then be installed quickly because of this defect. Victims of this malicious code will therefore have to download updates by hand, something some users will not do, or will not want to do. In practice, cleanup is not complete until the affected product has been repaired or reinstalled so that its genuine updater is back in place.
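Because the malware works by replacing the vendor's own updater binary, the practical check is whether those binaries still carry a valid Authenticode signature from the expected publisher. The script below is an added example, not code from the article or from Trend Micro; the file paths are assumptions for a typical Adobe Reader 9 / Java 6 era installation and should be adjusted to the machine being examined.

```powershell
# Added example (not from the article): verify that application updater binaries
# are still signed by the vendor that ships them. A replaced updater usually shows
# up as NotSigned, HashMismatch, or signed by an unexpected publisher.
# Paths below are ASSUMED defaults for Reader 9 / Java 6 era installs; adjust as needed.

$expected = @(
    @{ Path = "$env:CommonProgramFiles\Adobe\Updater6\AdobeUpdater.exe";  Publisher = 'Adobe' },
    @{ Path = "$env:CommonProgramFiles\Java\Java Update\jusched.exe";      Publisher = 'Oracle|Sun Microsystems' },
    @{ Path = "$env:CommonProgramFiles\Java\Java Update\jucheck.exe";      Publisher = 'Oracle|Sun Microsystems' }
)

function Test-UpdaterIntegrity {
    param([hashtable]$Entry)

    # A missing updater is suspicious too: the malware may have deleted it, or
    # a previous cleanup may have removed the trojanised copy without restoring the original.
    if (-not (Test-Path -LiteralPath $Entry.Path)) {
        return [pscustomobject]@{
            Path = $Entry.Path; Status = 'Missing'; Signer = $null; SHA256 = $null; Suspicious = $true
        }
    }

    $sig    = Get-AuthenticodeSignature -LiteralPath $Entry.Path
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }

    # Valid signature AND the expected publisher in the certificate subject; anything else is flagged.
    $suspicious = ($sig.Status -ne 'Valid') -or ($signer -notmatch $Entry.Publisher)

    [pscustomobject]@{
        Path       = $Entry.Path
        Status     = $sig.Status
        Signer     = $signer
        SHA256     = (Get-FileHash -LiteralPath $Entry.Path -Algorithm SHA256).Hash
        Suspicious = $suspicious
    }
}

$results = $expected | ForEach-Object { Test-UpdaterIntegrity $_ }
$results | Format-Table -AutoSize

if ($results | Where-Object { $_.Suspicious }) {
    Write-Warning 'One or more updater binaries are missing, unsigned or signed by an unexpected publisher.'
    Write-Warning 'Removing the malware alone will not restore automatic updates: repair or reinstall the affected product.'
}
```

The SHA256 column is there so the hash of a flagged file can be compared against a known-good copy from another machine or submitted to the vendor; the signature check is the primary signal, since a legitimate vendor build that fails it has been tampered with regardless of its hash.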
Source: Nguyen Cong Cuong's blog (security analyst)
