Nasty Trojan Posing as Bogus Java “Update 11″ Patch

Warning: Malware Poses as Java UpdateOn the hunt for the latest Java update?

Make sure you download it from a reliable source, like say, java.com and not some random third-party website.

TrendMicro found at least one website peddling malware disguised as a fake “Java Update 11” update.

The threat in question is a nasty Trojan detected as JAVA_DLOADER.NTW that’s delivered as a file named javaupdate11.jar.

The bogus update file, Javaupdate11.jar, contains javaupdate11.class, which downloads and executes two malicious files:

Once executed, BKDR_ANDROM.NTW will open a backdoor on the infected system to grant remote access to an attacker.

Users are more likely to notice TSPY_KEYLOG.NTW, though, as it will download ransomware (TROJ_RANSOM.ACV) that will attempt to lock the affected machine and demand payment from the end-user to regain access.

Steer Clear of Fake Java Updates!

It’s important to note that this malware does not exploit any Java-related vulnerabilities: it requires user-interaction to make its way onto a PC. So, you should be safe as long as you:

  • Download Java updates directly from Oracle on java.com, or simply use Java’s built-in update mechanism to download and install updates.
  • Do not download Java updates from random websites.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

This entry was posted in Computer Security, internet scam, malware, phishing, scam and tagged , , , , , , .
Follow any comments here with the RSS feed for this post. Trackbacks are closed, but you can post a comment.

© 2014 Hyphenet, Inc.
1761 Hotel Circle S, Suite 350, San Diego, CA 92108

All rights reserved. Reproduction in whole or in part in any form or medium without express written permission is prohibited.

Hyphenet IT Security Blog located at 1761 Hotel Circle South, Suite 350 , San Diego, CA . Reviewed by 91 customers rated: 3.8 / 5