Surfers, Beware – What You See is not What You Get!

Trojan.IFrame.GF

Today's Trojan, detected by BitDefender as Trojan.IFrame.GF is a medium-spreading security threat that arrived in the BitDefender labs on February 17th. This puny fragment of HTML code opens malicious URLs in a hidden window - usually links to scripts exploiting various vulnerabilities in browsers and browser-related software. These scripts act as fully-fledged downloaders that stealthilly drop other malicious content. More than that, the same mechanism allows malware already installed on the computer to be updated, renewed or even changed at any given moment.

Trojan.Downloader.VBS.Psyme.JA

The second security threat presented in this week's malware bulletin is closely related to Trojan.Iframe.GF. Shortly put, the former acts as a pipeline for the second, thus dramatically enhancing its spreading capabilities.

The Visual Basic script is 3KB large and also acts as a downloader for other infected binaries. Although the script's activity is less likely to be detected by non-tecnical computer users, slow internet connections and higher CPU usage are usually the first signs of infection.

Information in this article is available courtesy of: Marius Vanta