New fraudulent adware uses rootkit techniques

PandaLabs has detected the appearance of VideoCach, a new adware specimen. This malicious code is designed to fraudulently promote certain security applications. This adware includes the novelty of using rootkit techniques. Rootkits are programs designed to hide files or processes running on a computer. This makes malicious code that use rootkit techniques more difficult to detect.

VideoCach creates shortcuts on the desktop and displays false infection alerts. It also opens Internet Explorer windows falsely telling users that there is malware installed on the computer.

This adware includes links to web pages from which dubious security applications can be downloaded or bought. When run, these tools scan computers although the results are at best dubious. They normally detect inoffensive cookies as malware, or report unimportant errors, such as Windows registry entries referring to a nonexistent file.

In any event, the application displays messages warning users of a security risk and demanding money in order to eliminate the threats detected.