Defend what you create

Other Resources

Close

Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Back to news

Doctor Web: Trojan.Winlock in LJ

February 3, 2011

Doctor Web – the Russian anti-virus vendor – warns users about a new technique used by criminals to spread Trojan programs blocking access to Windows. Links luring users to download this malicious program are posted as comments at the LiveJournal web-site. Clicking on the comment directs a user to a photo hosting site from which they are redirected to an adult-content site where they are prompted to download an exe file — Trojan.Winlock.

Social networking sites have always been among prime targets of criminals. However, by now they haven't been exploited to spread modifications of Trojan.Winlock since other channels were in use, such as adult content web-sites, file sharing resources and other sites providing access to objectionable content.

The financial scheme used by propagators of Trojan.Winlock has undergone changes in recent months following the low-enforcement agencies crack-down that complicated use of short numbers at which victims were supposed to send paid messages. Besides, virus makers started searching for new channels to spread malware and LiveJournal has become one of them.

Since the late January 2011 users of the social networking service have been receiving comments containing an image linked to a photo-hosting site from which they are redirected to an adult-content resource. There they are prompted to download an exe file which the notorious Trojan.Winlock.

If the iser is tricked into downloading the file, Trojan.Winlock blocks access to the system and demands a ransom to unlock it.

As of today about 50% of all requests to Doctor Web's technical support concern Trojan.Winlock. Users who don't want to fall for the trick are recommended to use licensed anti-virus software and refrain from visiting objectionable sites.

If your system has been infected by Trojan.Winlock, visit www.drweb.com/unlocker, a web-site used to help users unblock their systems.

Tell us what you think

You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.


Other comments

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2019

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040