Beware of fake Java update patch — it contains malware


There are two groups in this world that are notoriously quick to react to technological change — the porn industry and hackers. The porn industry is known for pioneering new technology to try to increase revenue. For example, porn websites were among the first websites to start accepting payments online. Hackers — typically the scumbag type, crackers — are also quick to adapt to technological current events. For example, last year Microsoft started sending out official emails informing people about changes to the Microsoft Services Agreement. Crackers quickly took advantage, copying the exact email but including a malicious file attachment to infect whoever is stupid enough to open it. So, you can only imagine what sort of field day crackers have with Java.

As I’m sure most of you know, recently Java was hit with (yet another) major vulnerability. So big was this vulnerability, it hit headlines for all major news organizations and tech blogs; it even had the US Department of Homeland Security calling for people to disable Java. Luckily, Oracle quickly issued a patch once the vulnerability was made public. However, crackers beat Oracle to the punch.

Security firm Trend Micro is reporting the discovery of a fake Java update patch carrying malware that is circulating on the Internet and targeting Windows users. Crackers are obviously taking advantage of desperate Java users looking for an update to fix the latest vulnerability; this malware poses as a Java update, asking you to run a Java applet called ‘javaupdate11’. If you are foolish enough to run the applet, your computer is infected with:

  • A backdoor trojan that connects to a remote server and allows the crackers to remotely take over your computer; and
  • A keylogger that downloads ransomware to try to lock your files and ask you to pay money to regain access.

Ironically, this particular fake Java update does not exploit the latest Java vulnerability that Oracle just patched. It simply takes advantage of the fear created by the discovery of the Java vulnerability and tricks people into downloading an infected Java applet; it takes advantage of naive users who are looking to update their Java to stay safe.

Luckily, the malware that comes with this fake Java update is known and any competent anti-virus/anti-malware program should block it, in case you do accidentally run the infected Java applet.

Goes to show you — either have Java disabled or uninstalled, or be damn sure you know what a Java applet is before you run it. Oh, and also be sure to only update Java through Java’s official website.

[via Trend Micro]


  • Harold

    @Mike: Exactly my experience! After deleting Java I discovered that some of my everyday browser activities no longer worked. Having read that the latest release of version 6 was relatively safe, I downloaded version 6.0.380.5 from Java. After installation, everything seems to function correctly once more. Of course, I have no way of knowing if and/or when some low type will discover and exploit a vulnerability in this version.

  • Mike

    And so, I disable Java, rarely needing it. And then, of course, I needed it the next day . . . . :^)

  • GF

    @JonE: > This is precisely the reason I do not let one single program on my computer update itself


  • AT

    I do hope MS Security Essentials catches the JAVA patch malware especially in light of MSSE failing to gain certification.

  • JonE

    This is precisely the reason I do not let one single program on my computer update itself. It is also one of the reasons I only use one site for my downloads.

    After I finished the article I was wondering why anyone would download something like Java from anywhere except the Sun Site. And then I remembered being a new user and not having the slightest idea what Macromedia Flash or Java was or even why I needed these applications. And I remembered that nearly all my computer lessons were learned the hard way. The reason I do things the way I do them now. And being badly infected a couple times taught me what I needed to know about wiping a disk and reinstalling the OS. And the importance of backup.

    I’m still learning, and just when I get to thinking I’m pretty danged smart and intelligent there is something that comes along and twists my head around and reminds me that I’m not so smart after all.

    There will always be some kind of threat out there.

  • Ed

    Really! This is now getting to be ridiculous with Java. Thankfully I have not had it installed on any of my systems for years now, there really is no need for it on the average home computer.

  • Injeun

    Hackers deserve to be mugged.