Slashdot Mirror


New Malware Overwrites Software Updaters

itwbennett writes "Researchers at Bach Khoa Internetwork Security (BKIS), a Vietnamese security company, have found a new type of malware that 'masks itself as an updater for Adobe Systems' products and other software such as Java,' wrote BKIS analyst Nguyen Cong Cuong in a post on the company's blog. BKIS showed screenshots of a variant of the malware that imitates Adobe Reader version 9 and overwrites the AdobeUpdater.exe, which regularly checks in with Adobe to see if a new version of the software is available."

9 of 78 comments

  1. Irony: Adobe and Java updaters targeted by Metrathon · · Score: 5, Insightful

    I've always filed the original forms of both these aggressive updaters under malware anyway...

    1. Re:Irony: Adobe and Java updaters targeted by Anonymous Coward · · Score: 1, Insightful

      How is that ironic?

    2. Re:Irony: Adobe and Java updaters targeted by Ephemeriis · · Score: 3, Insightful

      I've always filed the original forms of both these aggressive updaters under malware anyway...

      Agreed.

      I always disable automatic updating on everything I can... And then I'll manually check it once a month or so.

      I realize I'm probably missing some updates, and probably vulnerable to some threats... But I just hate logging in to my computer and getting bombarded with four or five different update notices.

      --
      "Work is the curse of the drinking classes." -Oscar Wilde
  2. That's a Good Idea by Petersko · · Score: 2, Insightful

    Everybody I know would click through that bad boy without a moment's hesitation.

  3. Re:Adobe was removed 3 years ago by BitZtream · · Score: 2, Insightful

    You're going to stop using Java because you just heard about someone making malware that pretends to be the updater ...

    If you're going to stop using any software package that has been used as a facade for a malware infection, then you probably just need to stop using your computer now. I don't know of an OS that hasn't been attacked with a fake dialog trying to trick a user.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  4. Re:I'm torned by CannonballHead · · Score: 2, Insightful

    In other words, you were going to mod a post insightful until you read the first two words of the post? Hm. ;)

  5. Re:i had a bout of paranoia where i imagined this by Anonymous Coward · · Score: 2, Insightful

    But then how would the apps use their fancy new updater with the "purchase premium version" and other nonsense advertisements for toolbars and other bullshit?

  6. Adobe by dandart · · Score: 4, Insightful

    Now if that's not an excuse to get away from Adobe Reader, what is? This?

  7. Re:I'm torned - going offtopic by Gorphrim · · Score: 2, Insightful

    I completely neutered my copy of Adobe.

    Just curious, instead of going to all that trouble, why wouldn't something like Foxit be simpler and easier with similar results?

    --

    Queens of the Stone Age - they rule