MicroWorld Technologies has released a warning report against the Zlob Trojan. The new Zlob variant named Zlob.fes is spreading amongst unsuspecting computer users.
MicroWorld says Zlob can enter in computers through an email that asks users to check out a movie file. Or it may make its way to computers from malicious websites. Whichever way it enters, the Trojan offers codec in the guise of helping users to watch a streaming video and installs a stealthy Trojan Downloader in the computer
On visiting some websites, a harmful code named ‘Trojan.HTML.Agent.e’ is automatically downloaded, without the knowledge of users. Further users find an error message that states that the browser has encountered an Active-X error and needs to download a codec to play a video file.
If users permit it to download codec, a License Agreement appears that assures users of the authenticity of the program. And the name of the downloaded file is ‘VideoAccessCodecInstall.exe’, which is nothing but the Zlob.fes.
“Codec is a program used to encode or decode video clips so that large files can be downloaded faster,” said Vikas Vishwasrao, Assistant Manager R&D, MicroWorld. “Most web users are familiar with codecs and naturally some wouldn’t think twice before clicking on the ‘yes’ button to download it. Since the Trojan shows no sign of its presence in the infected computer, a victim may never know about the infection till the time the computer screen gets all filled up with annoying pop-ups that simply refuse to cease!”
Zlob was found in year 2005. Since then, many Zlob variants have been seen bringing in a range of malware like Spyware, Adware, Rogue-AntiSpyware, Rogue-AntiVirus, Backdoor, Bots, Rootkits etc.
Microworld also said that a computer having such Trojans, may also be exposed to many more online threats.
As a remedy Microworld suggests using its AntiVirus, AntiSpam and Content Security software eScan providing protection against the Zlob family.