Fake Google site hides Trojan horse

Scammers have set up an exact copy of the download page for Google’s Toolbar plugin in an attempt to lure users to download a Trojan backdoor.

Reported by security outfit Surfcontrol, some versions of the scam even spoof the correct Google Toolbar web address for Internet Explorer, using Google's own redirection service in an attempt to hide the real, non Google address.

The Trojan itself - W32.Ranky.FW - is designed to turn the PC into a bot zombie, and is spread using the conventional technique of asking recipients of a spam email to follow an embedded link. Techworld.com - Fake Google site hides Trojan horse

Linked by shanmuga Friday, 21st July 2006 11:33PM