For the first time security researchers have spotted a type of malicious PC based software that overwrites update functions for other applications, which could pose additional long-term risks for users.
The malware, which infects Windows computers, masks itself as an updater for Adobe Systems' products and other software such as Java, wrote Nguyen Cong Cuong, an analyst with Bach Khoa Internetwork Security (BKIS), a Vietnamese security company, on its blog.
BKIS showed screen shots of a variant of the malware that imitates Adobe Reader version 9 and overwrites the AdobeUpdater.exe, which regularly checks in with Adobe to see if a new version of the software is available.
Users can inadvertently install malware on computers if they open malicious e-mail attachments or visit Web sites that target specific software vulnerabilities. Adobe's products are one of the most targeted by hackers due to their wide installation base.
After this particular kind of malware gets onto a machine, it opens a DHCP (Dynamic Host Configuration Protocol) client, a DNS (Domain Name System) client, a network share and a port in order to received commands, BKIS said.
Malware that poses as an updater or installer for applications such as Adobe's Acrobat or Flash are nothing new, said Rik Ferguson, senior security advisor for Trend Micro.
Decent security software should detect the malware, but those people who do become infected could be worse off even if the malware is removed, Ferguson said.
"They will lose the auto-updating functionality of whatever software is affected even after the malware is cleaned up," Ferguson said. "That could of course leave them open to exploitation further down the line if critical vulnerabilities don't get patched as a result."
That means that users would need to manually download the software again, which they may be unlikely to do if they don't know the effect of the malware.
Thu, 25 Mar 2010 New malware overwrites PC software updaters
It's the first time researchers have seen the malware overwrite
Contact Us
DiggLatest News
- How to capture a sense of speed with panning
- How to take a screenshot on a Mac
- What to expect from Apple at WWDC 2013: iOS 7, OS X 10.9, new Macs, iPhone 6, iPad 5?
- New MacBook Air release date, rumours and leaked images
- The 4 Best Things About the Google+ Redesign
- Early Google Glass users finding 'sense of freedom'
- Foxconn reports three possible suicides at factories in China
- Yahoo on Tumblr: We won't 'screw it up'
- Watch: Video shows what Apple's 'iTV' television set could look like
- Apple's iRadio delayed by song skipping negotiation with Sony Music, report says
- Samsung to sell 10m Galaxy S4 in a month, compared to 5m iPhone 5 in three days
- How to fix a water-damaged Apple iPhone
Related News
- iTunes 11.0.3 enhances MiniPlayer, tweaks album options
- How Google's I/O moves measure up to what Apple offers
- Android retains lead over Apple
- Could a Tumblr deal fix Yahoo's square reputation?
- Google Glass Explorer edition pops up on San Francisco Craigslist for $6500
- Dell replays Windows 8 blame card as PC sales slide
- Report: Yahoo board approves deal to buy Tumblr for $1.1B
- 'Record labels helped Google beat Apple to the music subscription market'
- Bill Gates recalls last conversation with Steve Jobs in emotional interview
- Intel loses ground as world's top semiconductor company, survey says
Search news
Search Google
Newsletter signup
It's easy and free to get the latest news headlines, reviews and opinions straight to your email inbox. Sign up NOW to make sure you receive the latest Mac news, reviews and tutorials on your favourite topics.
Macworld reader poll
What version of Adobe Creative Suite do you use?:
Have your say in the
Macworld Forums!
Register now
Stay on top of the latest, breaking Mac news and chat with other Mac professionals and enthusiasts about the issues that matter to you. Register with Macworld today to join our forums and receive our twice-weekly email newsletter, Macworld Mainline.
RSS
Have the latest content delivered to your desktop via RSS. Use the links below to get access to a specific blog, news, or reviews feed.
MACWORLD MARKETPLACE
 |
LogMeIn Free - Remote Computer Access |
 |
TemplateCloud |
 |
Amsys |
 |
About NAD |
 |
Sphero is a completely new type of gaming system. |
 |
MeteoGroup |
 |
Beat the Credit Crunch - Lease your Mac from Hardsoft |
Click here for the latest reader comments