New Malware Overwrites Software Updaters

← Back to Stories (view on slashdot.org)

New Malware Overwrites Software Updaters

Posted by Soulskill on Friday March 26, 2010 @06:31AM from the i'm-sure-the-updaters-don't-go-down-without-a-fight dept.

itwbennett writes "Researchers at Bach Khoa Internetwork Security (BKIS), a Vietnamese security company, have found a new type of malware that 'masks itself as an updater for Adobe Systems' products and other software such as Java,' wrote BKIS analyst Nguyen Cong Cuong in a post on the company's blog. BKIS showed screenshots of a variant of the malware that imitates Adobe Reader version 9 and overwrites the AdobeUpdater.exe, which regularly checks in with Adobe to see if a new version of the software is available."

12 of 78 comments (clear)

Min score:

Reason:

Sort:

I'm torned by Yvan256 · 2010-03-26 06:34 · Score: 5, Funny

On the one hand, it's malware, on the other hand it replaces software from Adobe.
I can't decide if it's an enhancement or not.
1. Re:I'm torned by ByOhTek · 2010-03-26 06:36 · Score: 3, Funny
  
  So... malware disguising itself as malware? Brilliant!
  
  --
  Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
2. Re:I'm torned by rcuhljr · 2010-03-26 06:37 · Score: 4, Funny
  
  I was going to mod this insightful until I saw the phrase "I'm torned"
The only way you can tell if you are infected by Anonymous Coward · 2010-03-26 06:37 · Score: 5, Funny

If your copy of AdobeUpdater.exe runs reliably without unexplained crashing, you are probably running the malware version.
Re:Irony: Adobe and Java updaters targeted by spun · 2010-03-26 06:44 · Score: 5, Funny

Adobe installers are pernicious, sneaky, and they will attempt to install things you don't want. When an installer that acts like malware gets replaced with real malware, that could be classified as 'totally ironic' on the Morrisette Irony Scale.

--
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
Thiefs! by Anonymous Coward · 2010-03-26 06:49 · Score: 1, Funny

They have stolen my idea! Can I patent malware?
Re:Adobe was removed 3 years ago by mandelbr0t · 2010-03-26 06:54 · Score: 3, Funny

Absolutely none, assuming you are still using Lynx :-D

--
"Please describe the scientific nature of the 'whammy'" - Agent Scully
Re:Irony: Adobe and Java updaters targeted by plover · 2010-03-26 07:08 · Score: 3, Funny

... on the Morrisette Irony Scale.
I've got one of those. Mine goes to 10.

--
John
Well that doesn't mean much by Anonymous Coward · 2010-03-26 07:08 · Score: 2, Funny

Seeing as how 'a black fly in your chardonnay' is classified as 'pretty darn ironic' on the Morrisette Scale, I think her scale might be broken.
1. Re:Well that doesn't mean much by cbiltcliffe · 2010-03-26 09:42 · Score: 3, Funny
  
  I'm surprised since I thought her songs had achieved higher popularity than that, considering how much I heard them played on the radio.
  Yes. Ironic, isn't it? :P
  
  --
  "City hall" in German is "Rathaus" Kinda explains a few things......
Re:Adobe was removed 3 years ago by Volante3192 · 2010-03-26 07:18 · Score: 2, Funny

I don't know of an OS that hasn't been attacked with a fake dialog trying to trick a user.
From the comments I see here regularly, apparently Linux and OS X.
Re:Adobe was removed 3 years ago by Chris+Mattern · 2010-03-26 07:34 · Score: 2, Funny

I have never seen a fake Linux dialog. I've had my browser in Linux display fake *Windows* dialogs. They tend to be fairly...obvious.