Trojan Masquerades as Google Toolbar

Reports of a Trojan masquerading as Google Toolbar hit the media wires and security groups earlier today. It appears a link to the malicious Trojan was spammed via email. The subject line of that email read, "New Google Toolbar Released". According to SurfControl, the company credited with first discovering the threat, the link contained in the email points to a website that spoofs the legitimate Google Toolbar site and offers the file "GoogleToolbarFirefox.exe". Instead of a toolbar, users who downloaded the file were instead downloading a variant of the Ranky Trojan, a proxy Trojan exploited by spammers to send unwanted email through infected machines. Antivirus vendor Sophos detects the Trojan as Troj/Ranck-EP.