Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
Fake Xbox Emulator Hid Trojan Horse
Host Angelfire removes Web site that secretly downloaded adware.
Sam Costello, IDG News Service
A Web page distributing what it claimed was an Xbox game emulator has been yanked from cyberspace after it was found to contain a Trojan horse program designed to generate money based on online ad hits.
The program was presented as an emulator that would enable users to play Microsoft's Xbox games on their PCs. Thousands of copies of the ersatz emulator may still be circulating on the Internet.
A Trojan horse program is a piece of code or a small application that misrepresents what it does. A worm or virus may travel as a Trojan horse, which purports to be a useful utility or graphic but actually contains harmful or invasive software. Most antivirus programs can protect against common Trojan horses.
The emulator had been distributed from a free Web site account hosted by Angelfire, a company owned by Lycos. Angelfire has removed the site from the Web for violating the hosting firm's terms-of-service policy, according to a notice posted on the site.
Piggyback File
The fake emulator had a file name of EMU_xbox.exe. Hidden inside the download was a program called NetBUIE.exe. That program appears to have sent "a massive burst of data to Web sites" designed to increase the hit totals of online ads, said Roger Thompson, director of malware research at TruSecure, based in Herndon, Virginia. Online ads make money by the number of people who view them and the number of people who click on them.
The Trojan horse was "probably generating click-throughs for someone," Thompson said. It's unclear whether the program did anything else to victims' PCs, he said.
"It's needle-in-a-haystack stuff to see what else it might be doing," he said, adding that it "didn't seem to drop any other programs."
Caution Urged
Because nothing obvious happened when users launched the "emulator" program, they likely assumed that it had malfunctioned and forgot about it, he said. So the program could still be on many people's PCs and "may still be generating click-throughs," he said.
"The moral of the story," Thompson said, "is that people really do have to be wary."
The Best of PC World
Microsoft Office Home and Student 2007
Featured APC Accessories
-
APC Back-UPS ES Safeguards your equipment from damaging surges and spikes that travel along your utility & data lines.
-
APC SurgeArrest Performance Highest level of protection for your professional computers, electronics and connected devices, as well as provides surge protection.
People who read this also read:
Best Prices on Antivirus Software
Norton Antivirus 2010 (Full Product, 1 User)Price: $17.90
Norton AntiVirus 2009 (Full Product)Price: $15.72
Norton Antivirus 2010 (Full Product, 1 User)Price: $16.95
Anti-virus 2010 (OEM Product, 1 User)Price: $17.95
Anti-Virus 2009 (Full Product)Price: $17.00
Norton Antivirus 2010 (Full Product, 3 Users)Price: $37.00
-
Lenovo Laptop Showcase Find out how Lenovo IdeaPads and Thinkpads balance performance and portability. Visit the Lenovo Resource Center for more info...
