When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Rootkit malware has double sting in its tail

Security experts have warned of newly intercepted malware which loads a rootkit onto compromised PCs. The rootkit blocks search engines by changing local DNS settings, and installs additional malicious code.According to Panda Software, the Zcodec malware is included in a program that purports to install codecs needed to play some multimedia formats.

When unwitting users are about to install this application, a user licence window is displayed. However, no codec is installed. The program does not wait for users to accept or reject the licence agreement, as Zcodec is installed on the computer when they click on the downloaded file. Once downloaded, a rootkit is installed. Rootkits are a program designed to hide processes, files or registry entries.

Zcodec installs two executable files. The first modifies the DNS settings so that when a user clicks on results from search engines a different page is displayed. This tactic is exploited by the program's creators to profit from pay-per-click systems, or even to redirect users to pages designed to steal confidential data

View: The full story
News source: vnunet

Report a problem with article
Next Article

Wi-Fi Alliance to relax 802.11n certification

Previous Article

Windows Live QnA Public Beta