Virus

W32/Topsix!tr

Analysis


Specifics
This 32-bit threat is a porn dialer program and has a file size of 9216 bytes. It is a threat so systems which have modems installed and a connected phone line, and a RAS dial-up configuration. No actions are performed against systems which do not meet these criteria if the threat is run.

The dialer program contains a disclaimer warning users that they must be 18 years old to use the service -

ISTANT-ACCESS: YOU MUST BE EIGHTEEN (18) YEARS OF AGE OR OLDER) TO USE THIS SERVICE.
IF YOU ARE EIGHTEEN (18) YEARS OF AGE OR OLDER AND HAVE READ THE FOLLOWING TERMS OF SERVICE IN FULL, CLICK ON THE OK BUTTON BELOW. WARNING: By using this software, your modem will dial a Premium Rate Number. NO CREDIT CARD IS REQUIRED TO ACCESS THIS SERVICE, YOU WILL ONLY BE CHARGED ON A MINUTE-BY-MINUTE BASIS ON YOUR PHONE BILL FOR A PREMIUM RATE CALL. By using the software, your computer will terminate the modem connection to your usual Internet service provider. Your modem will then dial a PREMIUM RATE TELEPHONE NUMBER. Using this software will initiate a direct connection to our server at a cost of 1.50£ per minute up to a maximum charge of £20. The materials that are available within the site may include graphic visual depictions and descriptions of nudity and sexual activity and should NOT be accessed by anyone who is younger than 18 years old, or who does not wish to be exposed to such materials (10885).



Recommended Action

  • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option