Rootkit Malware Packs Double Punch

Panda Software has issued an alert warning of a new malware intercepted over the weekend they are referring to as ZCodec.

Security experts are warning that with this particular piece of malware, if your computer becomes infected, will block search engines by changing local DNS settings, then proceeds to install additional malicious code posing as a codec that is necessary to play some multimedia formats. It shows the end-user a license, however it does not wait for the user to agree or disagree. The moment this so-called "agreement" pops up it is already too late. In reality, no codec is installed, and instead Zcodec is installed on the computer when the user clicks on the downloaded file.

Once downloaded, a rootkit is installed. Rootkits are a program designed to hide processes, files or registry entries.

Zcodec installs two executable files. The first modifies the DNS settings so that when a user clicks on results from search engines a different page is displayed.

Further information on this is available of course at Panda Virus Encyclopedia, and at Vnunet.com. I would urge you to learn about this new threat, and be prepared. If you get a rootkit invader, you will have real problems including, redirection of users to pages designed to steal confidential data such as banking sites, or pages where you may uses your credit card information to make purchases. Also, since rootkits hide themselves so well they are also extremely difficult for anti-spyware, andti-trojan, and anti-spyware to identify.