F-Secure Malware Information Pages: Trojan-Downloader.SWF.Gida.A

Main Index

Security Guide

F-Secure World Map

Security Alerts

Virus Statistics

Malware Removal Tools

Malware Code Glossary

Submit Malware Sample

Select local site

Main Index » Security Centre » Descriptions

F-Secure Malware Information Pages: Trojan-Downloader.SWF.Gida.A

[Summary] \| [Detailed Description] \| [Detection]
Name :	Trojan-Downloader.SWF.Gida.A
Alias:	Gida
Type:	Trojan-Downloader
Category:	Malware
Platform:	SWF

Radar

Summary

Trojan-Downloader.SWF.Gida.A is detection of Adobe Flash files that have seen served over Hypertext Transfer Protocol (HTTP) and linked from advertisement sites.

It injects additional HTML content to the viewed webpage which then serves malicious content.

Back to the Top

Detailed Description

The trojan contains an Adobe Flash ActiveScript which injects JavaScript code into the viewed webpage. Malicious JavaScript adds HTML to the currently viewed webpage.

Results include Drive-by downloads, Pop-up ads, and JavaScript alerts.
Several of the advertisements have been aimed at promoting rogue antispyware applications.

While Adobe Flash is a multi-platform application, the end infection is directed towards the Win32 (Windows) platform.

Adobe Flash is a common media container for banner advertisements. The trojan have been observed on several large News websites where the Flash have been shown from advertisement networks. The News sites have reacted quickly to remove such malicious Flash files.

Back to the Top

Detection

F-Secure Anti-Virus detects this malware with the following updates:

[FSAV_Database_Version]

Version = 2007-12-13_09.

Back to the Top

F-Secure Corporation

Last Modified: December 19, 2007