Intraday malicious virus program: Trojan.Win32.FakeIME.k

Behaviour:
This malicious Trojan virus program is a Dynamic Link Library (DLL) files which released by account stealer Trojan program.
After being executed, the virus program shall pretend to be input method file (with file extension of IME), and register as system default input method. So the virus program shall be executed with Advanced Text Services. Also, after being executed, the virus program shall check the infected computer for online game program and, then steal and record the infected computer users’ online game account and other important information. Then the virus program shall send the record out to the server which appointed by hackers. The hackers shall crack the infected computer users’ online game account with the record from the account stealer Trojan program. This is the way hackers get benefits and make the infected computer users’ virtual properties suffer from losses. So this malicious Trojan virus program threatens online game players; account security seriously.

Statistics:
RISING Cloud Security reported:
May 18, 2010 there were 3,075,277 devices got malicious attack via malicious Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 199,537 malicious hyperlinks with webpage Horse Hanging tech. And Rising Cloud Security got 45,277 reports from end users.

Top5 Infected Website:
1, **w.dragontv.cn/html/new/2009/0304/1.html
with malicious hyperlink: http://**.12.170.183:8081/user/inc/yh/ie.html?xx, etc.
2, **n.58.com/aoyun/html_list/?wow/=/2zxp/07973888318.html
with malicious hyperlink: **.sanxia.net.cn/up/up/ok.html?xxxx, etc.
3, **.3320.net/blib/c/read/1/106/726.htm
with malicious hyperlink: **33.2288.org:89/wm/lz833.htm, etc.
4, **ww.optics.fudan.edu.cn/news/wow/1588.html
with malicious hyperlink: **s.xinchao.com/manyou/api/ie.html?xx, etc.
5, **.zzu.edu.cn/classware/clkx/
with malicious hyperlink: **b.2288.org/88/6.htm, etc.

Notice: the symbol ‘*’ means a stochastic letter or number.

Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.


*You can buy RISING Security products here or free download to try.
*If you have any questions about RISING products, please visit Rising support centre for help.