F-Secure
Tools
Trojan-Downloader:SWF/Gida.A
Summary
This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.
Disinfection
Allow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
Additional Details
Trojan-Downloader:SWF/Gida.A contains an Adobe Flash ActiveScript which injects JavaScript code into the webpage being viewed.
Distribution
Gida.A has been observed on several large news websites where the Flash is used to show material from third-party advertisement networks. The sites have reacted quickly to remove such malicious Flash files.
Adobe Flash is a common media container for banner advertisements. While Adobe Flash is a multi-platform application, the end infection is directed towards the Win32 (Windows) platform.
Activity
The injected code results in the user being subjected to such unwanted or malicious actions as popup advertisements pushing to rogueware, JavaScript alerts and driveby-downloads.