In a rather worrying finding, Trend Micro has stated in a blog post that it has stumbled upon a Trojan that disguises itself as a Trend Micro component. One of the tricks employed by malware writers, the Trojan disguising itself as such is being treated as potent enough to lure users into downloading and executing it. Folks at Trend Micro recently came across a file and noticed something amiss. They acknowledge, though, that for someone not well-versed with it, the file can be easily mistaken for a Trend Micro product/component. Post some analysis, they found that it indeed was a Trojan in disguise – clearly an attempt to trick unsuspecting users into downloading and executing it. The malware has been detected as TROJ_RIMECUD.AJL. Once a user executes TROJ_RIMECUD.AJL, it creates the process svchost.exe, where it injects its malicious code. Once done, the malware downloads a component package.
Click here for full story