Computer users know that they shouldn’t touch system files. If they did, they could damage their computers. A well-known ploy of malware authors is to name their files after system files. Users can be tricked into ignoring malicious files on their systems by this social-engineering method.

Let’s look at what the Backdoor-CEP.gen Trojan does, for example. When a user is infected with this Trojan, its drops the file server.exe into the user’s system directory:

 server.exe

Like many system files, server.exe is hidden. Now how many users would take a second look at server.exe in their system32 folders? Unfortunately, server.exe is a backdoor that waits for and responds to commands from remote attackers. As always, users should exercise caution when dealing with executables of unknown origin. For more about the Backdoor-CEP.gen family, check out its VIL page.