Don't Be Fooled by Trojan Posing as a Windows 7 Compatability Tool

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

One of the better features in Windows 7 is its improved security measures -- it's one of the reasons I want to make the switch.


However, BitDefender discovered an attack apparently aimed at people who want to see if their computer is compatible with Windows 7. The "tool" is actually a Trojan dropper. According to an article by Robert Westervelt at SearchSecurity.com:

The email campaign includes a message urging the recipient to test their systems using the Windows 7 Upgrade Advisor by opening the tool contained in an attached .zip file. Once the victim executes the file, the Trojan downloads and installs a backdoor, which can be used by an attacker to force download other malicious programs.

The infection, the article added, includes a keylogger that can intercept passwords and allows the attacker to use the infected machine as a bot.


The e-mail uses language from the Microsoft marketing text to dupe users.


It was probably only a matter of time until an attack like this happened. As reported on Help Net Security:

Cybercriminals are well known for their predilection to spot and bank on people's interest in what's hot in the e-world. Operating systems and their latest developments are classic honey pots and it is practically impossible to miss their potential as baits for illicit gains.
The infection rates reflected by the BitDefender Real-Time Virus Reporting System indicates the beginning of a massive spreading of the Trojan. Although this phenomenon has just started, it seems that it's just a matter of time before the cybercriminals control a huge number of systems. Infection rates are also expected to boom because of the effective social engineering ingredient of this mechanism, namely the reference to the popular Windows OS.

So, as always, this serves as a good reminder to skip opening attachments from unknown sources.