#1
Auszug aus dem Kaspersky-Newsletter vom 10 Sept 02
>>>A Trojan has been detected, in a commercial product for processing graphic software, that destroys files on the Windows system directory
Kaspersky Labs reports the detection of a Trojan horse, FireAnvil, embedded in a commercial product from US company, Firehand Technologies Corporation.
"Firehand Ember Millennium" is a software program for viewing and editing graphic files and is sold via Internet on the site www.firehand.com. Trojan subprograms have been detected in two files of the product: Ember32.exe - the main file of the product fireutil.dll - library
The program is activated when the text "czy czy" is entered in the field "Registered User ID".
Registered User ID: [_________] Registration Key: [_________]
As the Trojan program is activated the following message is displayed:
CrAcKiNg SoFtWaRe! PlEaSe WaIt!
Then FireAnvil searches for the Windows system directory and writes the following text into the registry of all of the files within the directory:
CzY CrAcKiNg CrUe! We CrACk EvErYtHiNg!
As a result of the program's destructive function, when activated, all of the files of the Windows system directory are destroyed with no possibility of restoring them.
"Unfortunately, this is not the only instance where a software product has been marketed without checking it thoroughly for hidden "trojans". On the other hand, this is additional proof for the perfidy of the latest generation malware, which is sometimes very hard to detect. Hopefully, this incident will force all software developers to pay more attention to the security problems of their users," says Eugene Kaspersky, Head of Anti-Virus Research of Kaspersky Labs.<<< __________ Durchsuchen --> Aussuchen --> Untersuchen
Um auf dieses Thema zu ANTWORTEN bitte erst » hier kostenlos registrieren!!
>>>A Trojan has been detected, in a commercial product for processing
graphic software, that destroys files on the Windows system directory
Kaspersky Labs reports the detection of a Trojan horse, FireAnvil,
embedded in a commercial product from US company, Firehand Technologies
Corporation.
"Firehand Ember Millennium" is a software program for viewing and
editing graphic files and is sold via Internet on the site
www.firehand.com. Trojan subprograms have been detected in two files of
the product: Ember32.exe - the main file of the product fireutil.dll -
library
The program is activated when the text "czy czy" is entered in the field
"Registered User ID".
Registered User ID: [_________]
Registration Key: [_________]
As the Trojan program is activated the following message is displayed:
CrAcKiNg SoFtWaRe! PlEaSe WaIt!
Then FireAnvil searches for the Windows system directory and writes the
following text into the registry of all of the files within the
directory:
CzY CrAcKiNg CrUe! We CrACk EvErYtHiNg!
As a result of the program's destructive function, when activated, all
of the files of the Windows system directory are destroyed with no
possibility of restoring them.
"Unfortunately, this is not the only instance where a software product
has been marketed without checking it thoroughly for hidden "trojans".
On the other hand, this is additional proof for the perfidy of the
latest generation malware, which is sometimes very hard to detect.
Hopefully, this incident will force all software developers to pay more
attention to the security problems of their users," says Eugene
Kaspersky, Head of Anti-Virus Research of Kaspersky Labs.<<<
__________
Durchsuchen --> Aussuchen --> Untersuchen