Researchers at Norman today discovered a new trojan horse program that installs and displays a child pornographic movie. This new trojan is based on the Agent family of generic trojans that perform various actions; like installing adware, setting up proxies, downloading other malware etc. It was proactvely detected by the Norman Sandbox technology,
The trojan, dubbed "W32/Agent.ULL" appears to use this feature as bait in order to get users to run it. The file name of the sample submitted to Norman suggests that a user would be aware of the illegal content of the file, but the primary function of the trojan is not to plant this video. While the video runs, the trojan installs and downloads a whole host of other malicious software - among others components belonging to the scam-based "antispyware utilities" Spysheriff and BraveSentry.
A description of this trojan can be found at http://www.norman.com/Virus/Virus_descriptions/31222/en-uk
Norman’s current risk rating is medium
You will find more information about this worm in the worm description here:
For more virus information go to www.norman.com
This Trojan is also known as Trojan-Dropper.Win32.Agent.yf
For more information, please contact:
This press release was distributed by SourceWire News Distribution on behalf of Norman Data Defense Systems UK Ltd in the following categories: Computing & Telecoms. For more information visit http://www.sourcewire.com/about.