Soccer Trojan from South Africa
Home Grown Malware?
It looks like Trojan tvwjfm.exe (with several other names too – list of known names and further information) could have originated from South Africa. At least the first reported infections came from this locale.
This makes a change to the norm where the largest percentage of new malware hails from the Asian Sub-Continent, although a tie-in to this region cannot be excluded.
This Trojan has not had a big impact; outbreaks so far seem to be limited, possibly deliberately targeting specific users. However, the few reported instances should not be taken to imply this Trojan is not dangerous – it is.
The file is unusually large for a Trojan, containing a package of other files. If run, it behaves like an application installer. Even if the install is cancelled, the Trojan installs other malware unknown to the PC user.
I have decided to unofficially name this Trojan (as yet it has no official name) the Soccer Trojan. It presents itself with an icon of a soccer ball superimposed over a PC display, similar to the image on the left, which is clearly an attempt to encourage followers of this ball game to run the file.
Hopefully the Soccer Trojan will remain obscure, and not spread. Our vigilance is required at this early stage to interdict the malware before it gets the opportunity to ‘go viral’ and escape into the wild.
Posted on November 28, 2011, in Malware, Virus, Trojans, Security Threats and tagged Business, Hacking, Malicious Software, malware, Security Risks, South Africa, Trojan Horses, Virus. Bookmark the permalink. 2 Comments.