Needy.E is a Java applet based trojan that changes the
Internet Explorer start page changes search settings to
ones contained in the trojan and downloads a trojan
downloader. Needy activates when user views a web page or
HTML E-mail that contains reference to the trojan file.
The Needy.E is activated when a web site containing the
trojan is loaded with unpacthed Microsoft Internet Explorer
browser. When the JAR file containing the trojan is executed
it uses Microsoft Internet Explorer VerifierBug vulnerability to get
full privileges by escaping the Java security, and execute its
code.
When executed the trojan modifies the Internet Explorer start page
to point to the site where the trojan is downloaded from, and changes
search settings to point to pornographic services.
In addition to changing the Internet Explorer settings the trojan
downloads trojan downloader win32.barlf and executes it.
![](/images/pixel.gif"){kind=tracking}
