Fake Microsoft 'explorer.exe' Security Patch

Discussion in 'spyware news and general information' started by NICK ADSL UK, Nov 14, 2005.

Thread Status:
Not open for further replies.

    NICK ADSL UK Administrator

    May 13, 2003
    Malicious Website / Malicious Code: Fake Microsoft 'explorer.exe' Security Patch
    Websense® Security Labs™ has received reports of a email scam disguised as a Microsoft Security Update for Explorer.exe. Users receive a spoofed email message instructing them to click on a link to immediately download and install a bugfix from Microsoft.

    The link in the email takes the user to a fraudulent website, designed to appear as the legitimate Microsoft Windows update site. The security update hosted on this page is actually a backdoor Trojan horse. Upon execution, the backdoor sends an HTTP request with the IP address of the infected computer and then waits for a connection from the malware author.

    The site hosting the malicious file is in the United States, the site where the IP address is reported is hosted in Germany. Both were online at the time of this alert.

    Phishing site screenshot:


    Attached Files:

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.