Fake Xbox 'emulator' hiding Trojan horse removed
By Sam Costello
(IDG) -- The Web page distributing an emulator promising users they could play Microsoft Corp.'s Xbox games on their PCs has been pulled offline after discovery that it contained a Trojan horse program designed to generate money based on online ad hits. Thousands of copies of the ersatz emulator may still be circulating on the Internet.
The emulator had been distributed from a free Web site account hosted by Angelfire, a company owned by Lycos Inc. The site has been removed from the Web by Angelfire for violating the company's terms of service, according to a notice posted on the site.
Hidden in the fake emulator, which had a file name of EMU_xbox.exe, was a program called NetBUIE.exe, which appears to have sent "a massive burst of data to Web sites" designed to increase the hit totals of online ads, said Roger Thompson, director of malware research at TruSecure Corp., based in Herndon, Virginia. Online ads make money by the number of people who view them and the number of people who click on them.
The Trojan was "probably generating click-throughs for someone," Thompson said. It's unclear whether the program did anything else to victim's PCs, he said.
"It's needle-in-a-haystack stuff to see what else it might be doing," he said, adding that it "didn't seem to drop any other programs."
Because nothing obvious happened when users launched the "emulator" program, they likely assumed that it had malfunctioned and forgot about it, he said. So the program could still be on many people's PCs and "may still be generating click-throughs," he said.
"The moral of the story," Thompson said, "is that people really do have to be wary."
Xbox review: 'NBA Live 2002'
December 10, 2001
Review: 'NBA Live 2002'
November 4, 2001
Review: NBA ShootOut 2001
November 2, 2000
RELATED IDG.net STORIES:
Sony slashes North American PlayStation 2 price
Microsoft cuts Xbox price in North America, Japan
GameCube going online this Fall
'Cute' Trojan horse spreading by e-mail
Nimda, Code Red still alive and spreading
Microsoft plugs six more security holes in IE
IDG.net's Digital Media & Entertainment news
IDG.net's Security & Antivirus news
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
TECHNOLOGY TOP STORIES:
Report: SUVs pose danger to cars
New telemarketer tool trumps TeleZapper
Terra Lycos logs $2.2B loss
AOL to offer song downloads
Microsoft seeks fiscal fountain of youth
|Back to the top|