Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
Fake Xbox Emulator Hid Trojan Horse
Host Angelfire removes Web site that secretly downloaded adware.
Sam Costello, IDG News Service
A Web page distributing what it claimed was an Xbox game emulator has been yanked from cyberspace after it was found to contain a Trojan horse program designed to generate money based on online ad hits.
The program was presented as an emulator that would enable users to play Microsoft's Xbox games on their PCs. Thousands of copies of the ersatz emulator may still be circulating on the Internet.
A Trojan horse program is a piece of code or a small application that misrepresents what it does. A worm or virus may travel as a Trojan horse, which purports to be a useful utility or graphic but actually contains harmful or invasive software. Most antivirus programs can protect against common Trojan horses.
The emulator had been distributed from a free Web site account hosted by Angelfire, a company owned by Lycos. Angelfire has removed the site from the Web for violating the hosting firm's terms-of-service policy, according to a notice posted on the site.
Piggyback File
The fake emulator had a file name of EMU_xbox.exe. Hidden inside the download was a program called NetBUIE.exe. That program appears to have sent "a massive burst of data to Web sites" designed to increase the hit totals of online ads, said Roger Thompson, director of malware research at TruSecure, based in Herndon, Virginia. Online ads make money by the number of people who view them and the number of people who click on them.
The Trojan horse was "probably generating click-throughs for someone," Thompson said. It's unclear whether the program did anything else to victims' PCs, he said.
"It's needle-in-a-haystack stuff to see what else it might be doing," he said, adding that it "didn't seem to drop any other programs."
Caution Urged
Because nothing obvious happened when users launched the "emulator" program, they likely assumed that it had malfunctioned and forgot about it, he said. So the program could still be on many people's PCs and "may still be generating click-throughs," he said.
"The moral of the story," Thompson said, "is that people really do have to be wary."
Acer Laptop Center
The Best of PC World
- Great year-end deals
for small business! -
Get 24/7 live remote AT&T Tech Support 360* service along with select Lenovo* PCs (with Intel® Core™ 2 Duo processors) and save up to 200!
-
HP EliteBook* 6930p Notebook with Intel® vPro™ technology and a free HP Basic Docking Station - $641 instant savings!
- *Other names and brands may be claimed as the property of others. ©2009 Intel Corporation. Intel, the Intel logo, vPro and Core trademarks of Intel Corporation in the United States and other countries. All rights reserved.
Dell End of Year Deals
-
Ring in the New Year with Huge Deals on Dell Computers Up to 30% Popular Dell Laptops, up to 25% off Popular Dell Desktops. Sales ends 12/31 5AM EST.
People who read this also read:
Best Prices on Security Software
Norton Internet Security 2010 - 3 UsersPrice: $26.30
Norton 360 Version 3.0 - 3 LicensesPrice: $39.99
Norton Internet Security 2010 - 3 UserPrice: $25.99
Internet Security 2010Price: $31.87
Norton 360Price: $25.00
Total Protection 2010 - 3 UserPrice: $26.47
-
Perfect Printing Solutions Find just the right All-in-One printer for you from HP. Visit the HP Resource Center.
-
Lenovo Laptop Showcase Find out how Lenovo IdeaPads and Thinkpads balance performance and portability. Visit the Lenovo Resource Center for more info...
