Enabled by accident
Thursday, March 15, 2018
And as a follow-up to our recent post about BitTorrent, we have more to say about file downloads.
Let's take a look at the description of Trojan.LoadMoney, a rather common malicious downloader species.
Criminals designed this malicious installer to generate income from file downloads. When potential victims visit a rogue file-sharing site and attempt to download a file they've been looking for, they are instantly redirected to another site from which Trojan.LoadMoney.336 is downloaded to their machines. When launched, the Trojan gets in touch with another server to acquire an encrypted configuration file containing links to various referral programme applications that are also downloaded and launched on the compromised computers. The latter may include adware and other utterly malicious applications.
The solution appears to be a simple one: stay away from dubious websites, especially if your computer is not protected by an anti-virus. There’s nothing special to note here. Meanwhile, the malicious installer uses a couple of unusual tricks our readers should be aware of.
The Trojan tampers with the system to make its job easier and make sure that it won't easily be singled out among the running processes. Specifically, it makes sure that the computer can't be shut down. Should anyone try to do that, it will display the message "Downloading and installing updates".
So if you are trying to turn off your computer and see a message about updates being installed, it doesn't necessarily mean that the message is being displayed by Windows.
The second trick involves checkboxes.
By default, checkboxes that can be cleared to prevent certain components from being installed are unavailable, but hovering the cursor over a third checkbox suddenly makes those above it active.
The Anti-virus Times recommends
- Do not rush to tick boxes on sites and in application windows. Because checking one box can change other parameters as well.
- Pay attention to what you are doing, and don't forget to update your anti-virus!
Tell us what you think
To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.
Comments
Неуёмный Обыватель
23:54:47 2018-07-27
vasvet
08:44:50 2018-07-06