Friday, October 27, 2006

A trojan horse that keeps you safe from virus?

In addition to setting up a compromised computer to relay spam, the new malicious software SpamThru (as it has been called) also installs Kaspersky Lab's anti-virus program to get rid of competing malicious software.

When it first gets onto a PC, SpamThru connects to a control server and subsequently installs a pirated copy of Kaspersky AntiVirus. The system then starts a scan for malicious software, skipping files that it detects are part of its own installation.
Any other malware found on the system is then set up to be deleted by Windows at the next reboot.

From: CNET's Security Blog

No comments: