Fake Microsoft 'explorer.exe' Security Patch

Discussion in 'news, general information and FAQs' started by NICK ADSL UK, Nov 14, 2005.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Malicious Website / Malicious Code: Fake Microsoft 'explorer.exe' Security Patch
    Websense® Security Labs™ has received reports of a email scam disguised as a Microsoft Security Update for Explorer.exe. Users receive a spoofed email message instructing them to click on a link to immediately download and install a bugfix from Microsoft.

    The link in the email takes the user to a fraudulent website, designed to appear as the legitimate Microsoft Windows update site. The security update hosted on this page is actually a backdoor Trojan horse. Upon execution, the backdoor sends an HTTP request with the IP address of the infected computer and then waits for a connection from the malware author.

    The site hosting the malicious file is in the United States, the site where the IP address is reported is hosted in Germany. Both were online at the time of this alert.

    Phishing site screenshot:

    http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=336
     

    Attached Files:

Thread Status:
Not open for further replies.