Beware of fake Java update patch — it contains malware


There are two groups in this world that are notoriously quick to react to technological change — the porn industry and hackers. The porn industry is known for pioneering new technology to try to increase revenue. For example, porn websites were among the first websites to start accepting payments online. Hackers — typically the scumbag type, crackers — are also quick to adapt to technological current events. For example, last year Microsoft started sending out official emails informing people about changes to the Microsoft Services Agreement. Crackers quickly took advantage, copying the exact email but including a malicious file attachment to infect whoever is stupid enough to open it. So, you can only imagine what sort of field day crackers have with Java.

As I’m sure most of you know, recently Java was hit with (yet another) major vulnerability. So big was this vulnerability, it hit headlines for all major news organizations and tech blogs; it even had the US Department of Homeland Security calling for people to disable Java. Luckily, Oracle quickly issued a patch once the vulnerability was made public. However, crackers beat Oracle to the punch.

Security firm Trend Micro is reporting the discovery of a fake Java update patch containing malware that is circulating on the Internet and targeting Windows users. Crackers are obviously taking advantage of desperate Java users looking for an update to fix the latest vulnerability; this malware poses as a Java update, asking you to run a Java applet called ‘javaupdate11’. If you are foolish enough to run the applet, your computer is infected with:

  • A backdoor trojan that connects to a remote server and allows the crackers to remotely take over your computer; and
  • A keylogger that downloads ransomware to try to lock your files and ask you to pay money to regain access.

Ironically, this particular fake Java update does not exploit the latest Java vulnerability that Oracle just patched. It simply takes advantage of the fear created by the discovery of the Java vulnerability and tricks people into downloading an infected Java applet; it takes advantage of naive users who are looking to update their Java to stay safe.

Luckily, the malware that comes with this fake Java update is known and any competent anti-virus/anti-malware program should block it, in case you do accidentally run the infected Java applet.

Goes to show you — either have Java disabled or uninstalled, or be damn sure you know what a Java applet is before you run it. Oh and also be sure to only update Java through Java’s official website.

[via Trend Micro]
