Spoof P2P applications distribute the Lop adware

Two spoof P2P application installers, BitRoll- and Torrent101-, are being used to install the Lop adware on users’ systems. These programs are used to exchange files between remote users and both these installers are available for download on the Internet, so any user could access them and become infected.

Other false applications are also being used by cyber-crooks to install malicious code, such as a program called wavesoftwarecreative.exe (which passes itself off as audio software) or another called bitdownloadsetup.exe.

The Lop adware is designed to display ads from various advertisers through pop-up windows, banners, etc. It also switches the Internet Explorer home page to its own search engine. When searches are made with this engine, the results returned will be advertising pages related to the search words.

To help prevent detection, this adware connects periodically to a Web page from which it downloads new files containing variants of the code and making it difficult to delete all active malicious files on the system. If users try to use the program installed, they will be able to search for files but not download them.

Don't miss