In association with heise online

06 December 2006, 23:07

Trojan disguised as Vista activator

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Users testing a final version of Vista that are tempted to activate it illegally, should beware. Circulating in P2P networks is what purports to be an activation hack for Microsoft's latest operating system - anyone running the file to carry out the supposed activation will find themselves installing a trojan.

The file Windows Vista All Versions Activation 21.11.06 displays the icon for a RAR file in Windows Explorer and is 268 kb in size. However, rather than containing routines to activate Vista, it installs the trojan Ldpinch.AZE (also known as MicroJoiner or Muldrop). The recognition rate of virus scanners on VirusTotal is mixed - McAfee, Microsoft, ClamAV, F-Prot, Authentium, eSafe, Sophos, Sunbelt and Virusbuster all fail to recognise the malware.

No detailed description of the malware is yet available. Virus creators often use similar social engineering methods to find new victims and infect and gain control over their computers. Users should be especially cautious about dubious software downloaded using file sharing applications. The heise Security anti-virus pages provide further notes and tips for protecting yourself from malware.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit