Don’t be Tempted by the Kama Sutra Backdoor Trojan
By Clif Sipe on January 15th, 2011

It’s difficult for some of us to resist clicking links or opening emails with provocative titles. That’s what hackers count on. Recently, one of many successful malware attacks used a file named Real kamasutra.pps.exe. Sophos reported that it really is a PowerPoint slideshow, but don’t get your hopes up. You’d have to infect your computer to see the images.

What I will do is warn everyone, once again, not to be fooled by the old double extension trick. Even though you may see .PPS and think slideshow, the .EXE on the end of the file name makes it an executable file. When it was launched, the file actually did display a slideshow with some rather unique images; however, it also installed a backdoor trojan. The trojan, called Troj/Bckdr-RFM, allows hackers to silently gain access to your PC. Once inside, they can steal your data and your identity, and use your machine for any number of illegal activities.

Most of the time, you’ll see files with double extensions in email. One of the most famous email exploits was the I LOVE YOU.TXT.VBS file. The .VBS on the end made it a Visual Basic Script, which installed a virus on millions of PCs back in 2000.
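The double extension trick described above can be caught mechanically, for example when screening attachment names at a mail gateway. The following is an added example, not code from the original post or from Sophos; the two extension lists, the function names and the sample file names are assumptions constructed for illustration.

```python
import re

# Assumed lists for this example; extend both to match your environment.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js", "lnk"}
DECOY_EXTS = {"pps", "ppt", "doc", "xls", "pdf", "txt", "jpg", "png", "mp3", "zip"}


def double_extension(filename):
    """Return (decoy, real) if an executable extension hides behind a
    document-looking one, else None."""
    # Windows ignores trailing dots and spaces, so strip them first.
    name = filename.rstrip(". ").lower()
    # Only the final path component matters.
    name = re.split(r"[\\/]", name)[-1]
    # Strip each part so space padding before the real extension
    # ("photo.jpg      .exe") does not hide it.
    parts = [p.strip() for p in name.split(".")]
    if len(parts) < 3:
        return None  # need base name + decoy + real extension
    decoy, real = parts[-2], parts[-1]
    if real in EXECUTABLE_EXTS and decoy in DECOY_EXTS:
        return decoy, real
    return None


def flag_attachments(filenames):
    """Return the names from the list that use the double extension trick."""
    return [f for f in filenames if double_extension(f)]


# Constructed sample attachment names (the first two are named in the post).
SAMPLE = [
    "Real kamasutra.pps.exe",
    "I LOVE YOU.TXT.VBS",
    "holiday.jpg      .exe",
    "report.v2.pdf",
    "setup.exe",
]

if __name__ == "__main__":
    for name in flag_attachments(SAMPLE):
        decoy, real = double_extension(name)
        print(f"{name!r}: looks like .{decoy}, actually runs as .{real}")
```

A plain setup.exe is not flagged because it does not pretend to be a document; whether to block all executable attachments is a separate policy decision.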

These days, your biggest risks come from clicking shortened links in social networking sites like Twitter and Facebook. Thankfully, most of the short URL providers, like Goo.gl and Bit.ly, try to make sure that the links don’t end up at known bad websites.

If you’ve waited patiently hoping for a glimpse of the images in that Kama Sutra slideshow, visit the Sophos blog.

Author: Clif Sipe
  • http://www.itrush.com IT Rush

    That’s a very ugly filename… Thanks for the heads-up!

 