Windows users warned vs malware posing as ‘gadget’

Users of computers running Microsoft's Windows operating system were warned against falling for a new wave of spam email offering a sidebar "gadget" or app.

Security vendor Appriver's Jonathan French said the malware - a Trojan that downloads malware - comes as an attachment to a spam email.

"In total there were 3 files; main.exe, gadget.html, and gadget.xml. The main.exe is the actual downloader with the others that help run the malicious gadget install," French said in a blog post.

As of Friday, he said Appriver had blocked around 70,000 messages with this malware attached.
 
French noted gadgets are the small apps used in the Windows sidebar, like a clock, RSS feeds, and CPU info.

Once the gadget file is installed, he said the malware "immediately reaches out to the internet and downloads a file with the .enc extension."

He said this could mean the gadget file "is a downloader for some malware that is using encryption to try and bypass filters." — Joel Locsin/VC, GMA News