Trojan discovered in commercial product

10.09.2002, 18:06
joschi

Posts: 6466
#1 Excerpt from the Kaspersky newsletter of 10 Sept 02

>>>A Trojan has been detected, in a commercial product for processing
graphic software, that destroys files on the Windows system directory

Kaspersky Labs reports the detection of a Trojan horse, FireAnvil,
embedded in a commercial product from US company, Firehand Technologies

"Firehand Ember Millennium" is a software program for viewing and
editing graphic files and is sold via Internet on the site

Trojan subprograms have been detected in two files of the product:

Ember32.exe - the main file of the product
fireutil.dll -

The program is activated when the text "czy czy" is entered in the field
"Registered User ID".

Registered User ID: [_________]
Registration Key: [_________]

As the Trojan program is activated the following message is displayed:

CrAcKiNg SoFtWaRe! PlEaSe WaIt!

Then FireAnvil searches for the Windows system directory and writes the
following text into the registry of all of the files within the

CzY CrAcKiNg CrUe! We CrACk EvErYtHiNg!

As a result of the program's destructive function, when activated, all
of the files of the Windows system directory are destroyed with no
possibility of restoring them.

"Unfortunately, this is not the only instance where a software product
has been marketed without checking it thoroughly for hidden "trojans".
On the other hand, this is additional proof for the perfidy of the
latest generation malware, which is sometimes very hard to detect.
Hopefully, this incident will force all software developers to pay more
attention to the security problems of their users," says Eugene
Kaspersky, Head of Anti-Virus Research of Kaspersky Labs.<<<
Browse --> Select --> Examine