Trojan Disguised as Microsoft Security Update
eweek.com: "Trojan Masquerades as Microsoft Security Update By Ryan Naraine:"The e-mail-borne attack comes just days ahead of Microsoft's scheduled patch day and highlights a growing trend of using social engineering tactics to dupe users into downloading malicious files.
It purports to come from "Windows Update" (update@microsoft.com) and includes links pointing to an "Express Install: High Priority Updates For Your Computer."
If users follow the link in the e-mail and attempt to download the fake patch, a Trojan Horse is installed instead, allowing the attacker to hijack the computer remotely.
Sophos has identified the file as Troj/DSNX-05, a backdoor Trojan that runs in the background as a server process allowing a remote user (using a client program) to gain access and control over the machine.
Microsoft does not issue security warnings in this way—so users should be on their guard whenever they receive an e-mail like this," he added.
Sophos has posted disinfection instructions for the Trojan."
posted by Jen @ 7:05 am
<< Home