All the latest UK technology news, reviews and analysis
|
|
|
10 May 2002
Internet users caught up in the hype of the recent Xbox launch may be falling for a web hoax that installs a Trojan horse on their machine.
The success of the malicious code may be boosted by the fact that the Trojan masquerades as an Xbox emulator for the PC.
Of course, there is no such thing, but the launch hype of the new console, mixed with a little bit of internet trickery, seems to have created a sizeable hotbed of web users who really think they are downloading an Xbox emulator.
Such things aren't unheard of; there are a multitude of other console emulators available on the web allowing you to play anything from N64 games to PlayStation discs.
But users downloading the Xbox emulator, which arrives as a file called 'EMU_xbox.exe', are really installing a Trojan on their PC.
When executed, the program quits out with an error message after dropping a back door program called NetBUIE.exe on the victim's machine.
Once installed, the Trojan connects up to a number of remote servers, suggesting that it may be racking up dollars for its creators by scamming a number of pay-per-click services.
But analysis also revealed that the program makes attempts to connect to four Microsoft-run servers, for reasons yet unknown, although one of these connects to Microsoft's free Bcentral.com counter service and reveals a worrying four million or so hits from the Trojan.
According to another link on the fake emulator's website before it was pulled earlier today, over 30,000 visitors have been to the site. That's 30,000 potential victims of the Trojan.
By way of a disguise, NetBUIE.exe looks similar to Netbeui (NetBios Enhanced User Interface) which is a networking protocol commonly used on Windows networks.
Right clicking on the executable and selecting properties even brings up a Microsoft copyright notice, adding a legitimate feel to the file.
Earlier today the main web page that hosted the program was taken down by free host Angelfire for violation of its terms of service.
But the program may yet crop up on other websites in the same guise, and antivirus firms do not appear to be on the case yet.
Latest stories from Security
Related articles
Related jobs
Poll
What will be the biggest change to corporate technology in the future?
TFL director of Games transport Mark Evers discusses how the public transport network is preparing for this summer's event
Connect with V3.co.uk
The wrong printers, for the wrong tasks on the wrong contracts
Who leads the BI pack and who should we be watching out for?
HTML, CSS, Flash - Web Content Editor - Photoshop, Dreamweaver...
Biomass Programme Manager/Engineering/Supply Chain/Heavy...
Head of Compliance My client is currently seeking...
THis role is working for a multi national Financial organisation...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?