RESEARCH BLOG

Unwanted program instead of movie…

Unwanted program instead of movie…

 

3

 

Who doesn’t love movies…?

Who doesn’t want to sit at home (on a rainy day with a chocolate beverage and snacks) and watch a new movie?

 

It all started when my sister came to me and asked if I could join her to see a movie (“Maleficent”) at the theater. She really wanted to go, because she had heard good reviews about this movie.

After reading reviews I decided to download a trailer.

The procedure was simple as usual: I’ve found the link and clicked on it.

 

(It is important for me to indicate that I wanted to download trailer with subtitles)

After a while a strange file was downloaded to my computer.

 

The icon of the file looked as a safe video file, but I noticed right away that the extension of the file was EXE (portable executable).

4

 

It is clear to me that the trailer must be just a movie and not executable program that could harm my system.

Obviously I did not execute this file, but only downloaded it for analysis.

 

The program is detected by most computer security software, including Total Defense Anti-Virus, which detects this file as “Win32/SomotoUnwantedNotAVirus.A”.

It may cause damage to affected system by downloading and running unwanted applications from the internet without users knowledge nor approval.

The only thing that I thought about is to advice my friends, not to run downloaded stuff right away, to be careful, even if the icon looks safe.

We better remember that an icon may be created by cyber criminals in order to confuse us and let us thing that the file is just text, picture, music or video.

Eventually, I took my sister to see “Maleficent” at the theater and  we enjoyed it very much ;-)

 

By Elior Biton.