However, as the file infecting a user has never been available to us, we only received multiple e-mails pointing to a malware version instead of a legitimate one. As most files are named with a sequence of random numbers and letters, we were immediately suspicious. The first recorded files have been uploaded to a torrent site on the night of May 13th, 2016. ![]() Since the discovery of these files, the number of new infections has been on a steep increase. The name stems from its ability to offer installation of additional programs or create a fake updater. The new threat we refer to as PUP (short for Potentially Unwanted Program) is now confirmed to be a piece of malware. In the last few weeks, in particular we have observed an increasing number of malicious files being uploaded to various torrent sites. What is actually installed on the PC is some kind of backdoor that provides remote access to the infected computer. ![]() The downloader is disguised as the “InstallShield” Windows installer and has a legitimate license key. The file is attached to a Torrent file and presented as a kind of installer. ![]() The first infection attempts to be executed when the PC starts up.
0 Comments
Leave a Reply. |