Thread: Fake MS updates - archive

  1. #11
    AplusWebMaster (Adviser Team)
    Join Date
    Oct 2005

    Fake MS Update SPAM...
    June 22, 2009 - "... Close to the weekend, we identified SPAM claiming to be a Microsoft Outlook and Outlook Express critical update that “offers the highest levels of stability and security.” A tricky difference here is that all the links in the email (the links to Contact Us, Privacy Statement, Trademarks, and Terms of Use) are legitimate–except one. The URL where the “critical update” may be downloaded looks legitimate, but hovering over the hyperlink (or checking the source code of the mail) reveals a totally different destination... For content security experts this already bears the marks of an email-based cyber-criminal attack. True enough, the URL leads to the download of a file (detected as TROJ_ZBOT.BTS) that on its execution accesses a website to download a .bin file with information referring to where the Trojan can download an updated copy of itself, and where to send stolen data. The list also contains compromised websites targeted for stealing information. Our engineers confirm that the list contained several names of banking institutions, among other social networking targets like Facebook and MySpace, and media sites YouTube and Flickr. The list can be viewed here*. Note that the said list may be changed at any time. How does the scam work? Whenever the user visits any of the monitored sites, the Trojan starts logging keystrokes. It then saves gathered information (which presumably includes sensitive information like user name and password, credit card information, etc.) in a file and then sends the file to a dedicated server via HTTP POST..."

    (Screenshots available at the Trendmicro URL above.)


    Last edited by AplusWebMaster; 2009-06-23 at 15:55.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
