NOD32 and Antivirus News
Threat and Security News

Fake Microsoft e-mail contains Trojan virus

Along with the vulnerabilities that Microsoft patched Tuesday, the software giant's customers have a new problem to grapple with: a fake notification e-mail that looks remarkably legitimate.

Attackers are apparently taking advantage of Microsoft's Patch Tuesday to send legitimate-looking e-mails that include a Trojan virus. Trojan.Backdoor.Haxdoor allows attackers to execute files and steal information from compromised computers. The fake mailing includes a legitimate-looking PGP signature, as well as purporting to come from a real Microsoft employee.

Christopher Budd, a security program manager in the Microsoft Security Response Center, offers this perspective on the e-mails in a security posting:

We received some questions from customers about an e-mail that's circulating that claims to be a security e-mail from Microsoft. The e-mail comes with an attached executable, which it claims is the latest security update, and encourages the recipient to run the attached executable so they can be safe. While malicious e-mails posing as Microsoft security notifications with attached malware aren't new (we've seen this problem for several years) this particular one is a bit different in that it claims to be signed by our own Steve Lipner and has what appears to be a PGP signature block attached to it. While those are clever attempts to increase the credibility of the mail, I can tell you categorically that this is not a legitimate e-mail: it is a piece of malicious spam and the attachment is malware. Specifically, it contains Backdoor:Win32/Haxdoor."

Dancho Danchev at ZDNet's Zero Day ponders whether the timing of this malware campaign will affect its success rate.

"Compared to the recent targeted malware attack against U.S schools, and the massive fake CNN news items campaign taking advantage of client-side vulnerabilities, this one is definitely going to have a lower success rate--no matter the timing," Danchev writes.

Microsoft's October 2008 security bulletin included four critical bulletins concerning Windows, Internet Explorer, Microsoft Host Integration Server, and Microsoft Excel.

Original Article

Bookmark with:

This entry was posted by Justin Payton on Wednesday, October 15. 2008 at 15:52. and is filed under Adware, Spyware and Trojans.


NOD32 AntiVirus Products    Products    NOD32 FAQs    FAQs    Buy NOD32 AntiVirus Online    NOD32 4 Students    NOD32 Student and non-profit Discounts    NOD32 4 Non-Profit    NOD32 online purchase    Buy NOD32 Online    nod32 anti-virus

BETTERANTIVIRUS.COM℠ is a US based reseller of Eset Software's NOD32 Solutions
BETTERANTIVIRUS.COM℠ and it's contents is Copyright © - Web Your Business Inc.
BETTERANTIVIRUS.COM℠ & Web Your Business™ are trademarks of Web Your Business Inc.
ESET®, NOD32, ESET Antivirus, Smart Security® Trademark of ESET, LLC
All rights reserved by their respective owners.

Web Site Hosting by AAA Business Hosting