February 27th, 2007 by Eric Avena
While most threats limit file size (not only to evade easy detection, but to avoid possible problems in transmission), one Trojan spyware family has become (in)famous for arriving as big files. TSPY_DENUTARO?s use of big files is not a programming mistake. On the contrary, it has become a distinct technique, aiding DENUTARO?s pretense of being a media file.
To complete the scam, most early variants use the Windows Media Player icon. They can be found in peer-to-peer networks and, with their attractive file names (notably in Japanese), are downloaded by unsuspecting users. DENUTARO is thus one of the growing number of threats that ride on the rising popularity of digital media and file sharing over the Internet, joining TROJ_ZLOB, among others.
However, TSPY_DENUTARO, like any other persistent threat today, is changing. New variants discovered over the last few days now pretend to be screensaver files. One of these variants is TSPY_DENUTARO.DM. Notably, the file size is reduced considerably (though still much bigger than most threats), and they now use the WinZIP icon.
We are giving away 'Black Panther' swag!
Four lucky readers will be taking home *Marvel*ous "Black Panther" prizes, including magazines autographed by the King of Wakanda himself! Giveaway ends Feb. 25, 2018.