TechSpot

BEWARE: phony Google Toolbar plug-in

By jobeard
Jul 21, 2006
  1. July 21, 2006 (TechWorld.com) -- Bot-herders have set up an exact copy of the download page for Google’s Toolbar plug-in in an attempt to lure users to download a Trojan backdoor.

    Reported by security outfit Surfcontrol, some versions of the scam even spoof the correct Google Toolbar web address for Internet Explorer, using Google’s own redirection service in an attempt to hide the real, non-Google address.

    The Trojan itself - W32.Ranky.FW - is designed to turn the PC into a bot zombie, and is spread using the conventional technique of asking recipients of a spam email to follow an embedded link.

    According to Surfcontrol, the version detected by the company fails because of poor programming of defective compilation, but it remains a proof-of-concept in how to attack users using a simple combination of convincing elements.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...