|
Description:
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
Malware Overview
This malicious HTML script has received attention from independent media sources and/or other security firms.
It is a script hosted on a malicious site.
Upon execution, it displays fake alerts that warn users of infection. It also displays fake scanning results of the affected system.
These fake pop-ups then lead users to download a fake antivirus software from a specific Web site. The downloaded file is detected by Trend Micro as TROJ_FAKEAV.FT. As a result, malicious routines of the downloaded file are exhibited on the affected system.
It uses Solar Eclipse querying in Google, where a malicious site containing an article related to this topic redirects to the actual malicious site where this malware is hosted.
For additional information about this threat, see:
Solution
Technical Details
Description created: Jul. 22, 2009 6:05:47 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
