Security experts yesterday warned that a growing number of maliciously coded web pages are downloading spyware programs onto computers without the consent of the sites visitors.
One of these programs is particularly dangerous due to its enticing bait, a sudoku puzzle. The application in fact operates perfectly, allowing users to play the game. However, without users knowing, every time the application is opened, it downloads YazzleSudoku, a type of spyware, onto the computer.
Typically the application operates perfectly, allowing users to play the sudoku game. However, without the users knowledge, it downloads a spyware, YazzleSudoku, every time the user opens the application. Once YazzleSudoku is installed on a computer, it creates several Windows registry entries to ensure that it remains active. Similarly, it generates a series of files it needs to operate, with names such as RL_SudokuInstaller.rar.lnk, or Yazzle Sudoku. Then, YazzleSudoku displays advertising messages on the screens of compromised computers.
It is important to note that when starting to play the game, users are warned that spyware will be installed. If the user agrees, the spyware will be installed on the computer. However, if users do not agree, they will not be able to use the sudoku program.
According to Luis Corrons, director of PandaLabs, “Spyware is, without a doubt, one of the major threats to users. This type of malware clearly conforms to the current objective of malware creators earning money. Nevertheless, as the effects of spyware are not particularly obvious and do not appear to be dangerous, many users do not treat spyware with the respect it deserves. This however is a mistake, as spyware does not just slow down systems and cause errors, it also intrudes upon the privacy of users who should not consent to its installation.”