An imposter version of the Windows 7 Upgrade Advisor is being offered in e-mail messages on the Internet, says security software vendor BitDefender, which has detected installation rates in the US of around 3 or 4 copies per hour on its security monitoring network. The proffer comes in the form of a supposed “help message” that recommends users download and install the Windows 7 Upgrade Advisor setup, and supplies a link to it. Of course, that link does not go to Microsoft, and the ZIP file that gets downloaded contains a malware program named Trojan.Generic.3782603 that can install itself and other malicious and unwanted software on machines where the ZIP file gets unpacked. Among the typical payloads that this Trojan installs is a backdoor program that enables remote and unauthorized access to infected machines. In turn, this software lets the bad guys install other software or access files on infected systems, any or all of which can lead to financial losses, identity theft, and access to sensitive data or information.
BitDefender opines that “…infection rates reflected by the BitDefender Real-Time Virus Reporting System indicate the beginning of a massive spreading of the Trojan.Generic.378603….” and that “…it’s just a matter of time before the cybercriminals control a huge number of systems…” Of course, the e-mail message that serves as the pointer to the infection vector runs contrary to Microsoft practice, which is never to e-mail software or links to software to customers or potential users. Savvy computer users will know this and are unlikely to fall prey to this attack, but less sophisticated users interested in Windows 7 and the Upgrade Advisor (legitimately available through the Microsoft Download Center at the Windows 7 Upgrade Advisor page) are still falling prey to it, as the BitDefender report clearly indicates.