TROJ_DROPPR.JET

TROJ_DROPPR.JET is an e-mail-distributed Trojan dropper that displays a Word document about American rapper Adam Yuach to distract victims from its real payload: a second Trojan that connects to various URLs without permission with the intention of compromising your computer's security. While online criminals have seen Adam Yuach's recent death as just another opportunity to exploit for distributing malicious software like TROJ_DROPPR.JET, SpywareRemove.com malware researchers encourage you to shut these propagation tactics down by using common-sense safeguards for unusual e-mail messages, such as using anti-malware software to scan any file attachment before you open it. TROJ_DROPPR.JET, as is the case of most Trojans that exploit e-mail-based distribution techniques, is mislabeled to appear as a harmless text-based file type, which places emphasis on the necessity of not trusting appearances when it comes to files from unusual sources.

TROJ_DROPPR.JET: a Shameless Exploitation of Tragedy for PC Attacks

TROJ_DROPPR.JET is distributed by e-mail messages that claim to offer news about the recent death of Adam Yuach, a member of the famous Beastie Boys band. These e-mail communications pretend to be sent by the International Campaign for Tibet (or ICT) and include that organization's red emblem, along with a photograph of Adam Yuach with the Dalai Lama. An enclosed file attachment appears to be a harmless .doc file, but this file actually contains TROJ_DROPPR.JET. SpywareRemove.com malware researchers note that TROJ_DROPPR.JET does open a legitimate Word document after its launch – presumably to attempt to trick victims into thinking that the e-mail didn't have any malicious content.

However, besides this Word document, TROJ_DROPPR.JET will also install a second PC threat, TROJ_SWYSYN.SME, dubbed winlogin.exe, in an obvious attempt at passing itself off as a Windows component. Non-Windows computers appear to be immune to TROJ_DROPPR.JET, as well as its accompanying Trojan, although SpywareRemove.com malware researchers, nonetheless, warn against opening unusual e-mail files without appropriate precautions, regardless of what brand of operating system you use.

Where TROJ_DROPPR.JET's Story Ends and Other Attacks Begin

TROJ_DROPPR.JET, as a Trojan dropper, is limited to installing its predefined payload. Sadly, the same can't be said of the Trojan TROJ_DROPPR.JET installs, which SpywareRemove.com malware researcher team has found to include several types of attacks. Some issues that can result from a successful TROJ_DROPPR.JET-based installation of TROJ_SWYSYN.SME include:

• A minor loss of system resources due to TROJ_DROPPER.JET's payload launching itself with Windows and remaining open unless closed by force (via security or anti-malware programs, etc).
• Unauthorized contact with remote servers that can be used to transfer your personal information for fraudulent purposes. Alternately, TROJ_SWYSYN.SME may use this server to download and install other malicious programs, depending on its instructions.

The initial file that TROJ_DROPPER.JET uses to install TROJ_SWYSYN.SME is deleted to prevent its detection, and SpywareRemove.com malware experts suggest using suitable anti-malware scanners to find either TROJ_DROPPER.JET or TROJ_SWYSYN.SME.

Technical Details