0
images/news/virus.jpgSome pirated builds on file-sharing sites harbor attack code.
Pirated copies of Windows 7 Release Candidate (RC) on file-sharing sites contain malware, according to users who have downloaded the upgrade.
Windows 7 RC, which Microsoft Corp. will officialy launch tomorrow, leaked two weeks ago, with copies first appearing on BitTorrent tracking sites on April 24.
Some of the pirated builds include a Trojan horse, numerous users said in message forums and in comments on BitTorrent sites such as Mininova.org.
"Just a warning for anyone downloading the new RC builds of windows 7. Quiet [sic] a lot of the downloads have a trojan inbedded [sic] in the setup EXE," said someone identified as Frank Fontaine on a Neowin.net discussion thread. "The Setup EXE is actually a container, it appears to be a self-extracting EXE. There are 2 files inside, Setup.exe and codec.exe."
Fontaine's antivirus software identified the "codec.exe" file as a generic Trojan.
"Suspicious codec.exe!" reported someone labeled as "UltimateGTR" on Mininova, commenting on one of the 32-bit builds.
Another Mininova commenter, "WuNgUn," identified the malware as the "Falder" Trojan, which downloads fake security software, dubbed "scareware," to PCs and installs a rootkit to hide from legitimate antivirus products.
Microsoft, which has cited potential infection as a reason to steer clear of unauthorized downloads, jumped on the news. "This unfortunately shows that there are those out there who see the significant interest in something such as Windows 7 as an opportunity to try to take advantage of others," said Alex Kochis, director of Microsoft's Genuine Windows anti-piracy technology group, in a post to a company blog on Friday.
Computerworld
Pirated copies of Windows 7 Release Candidate (RC) on file-sharing sites contain malware, according to users who have downloaded the upgrade.
Windows 7 RC, which Microsoft Corp. will officialy launch tomorrow, leaked two weeks ago, with copies first appearing on BitTorrent tracking sites on April 24.
Some of the pirated builds include a Trojan horse, numerous users said in message forums and in comments on BitTorrent sites such as Mininova.org.
"Just a warning for anyone downloading the new RC builds of windows 7. Quiet [sic] a lot of the downloads have a trojan inbedded [sic] in the setup EXE," said someone identified as Frank Fontaine on a Neowin.net discussion thread. "The Setup EXE is actually a container, it appears to be a self-extracting EXE. There are 2 files inside, Setup.exe and codec.exe."
Fontaine's antivirus software identified the "codec.exe" file as a generic Trojan.
"Suspicious codec.exe!" reported someone labeled as "UltimateGTR" on Mininova, commenting on one of the 32-bit builds.
Another Mininova commenter, "WuNgUn," identified the malware as the "Falder" Trojan, which downloads fake security software, dubbed "scareware," to PCs and installs a rootkit to hide from legitimate antivirus products.
Microsoft, which has cited potential infection as a reason to steer clear of unauthorized downloads, jumped on the news. "This unfortunately shows that there are those out there who see the significant interest in something such as Windows 7 as an opportunity to try to take advantage of others," said Alex Kochis, director of Microsoft's Genuine Windows anti-piracy technology group, in a post to a company blog on Friday.
Computerworld
