Fake Microsoft Outlook Update Installs Trojan Bredolab.Y (Rogue AV SecurityTool)

Custom Search

Hack in The Box
TechAirlines
Wallpapers
Computer Forensics Boot Camp
Electricity Prices
Texas Electricity
Electricity Rates in Texas
Electric Companies in Texas
Experts Galaxy
NewsApp Portal

[Welcome to SCforum.info - Security [CENTRAL] Forum]

Welcome to SCforum.info - Security [CENTRAL] Forum, a home of the SCF Community devoted to provide Computer related News, Alerts, Downloads and FREE Help in such a way that even the novice computer user can understand.

Getting started using our community is extremely easy, check the two steps below:

Step 1: Create an account by clicking here and wait for approval from Administrator. It's completely free with no hidden strings attached.

Step 2: If you have a computer problem and need some help, or just want to take part in opened discussions, simply browse Forum. Once you *Register an account, you can quickly post your questions and comments.

(*Registered Members get: free support, also, they can communicate privately with other members via PM, removal of this message, see fewer ads and much more...)

[Samker]

A malicious spam campaign caught by Panda Labs is using a fake Microsoft Update notice to trick victims into installing a Trojan. While well crafted, the attack still provides dead giveaways.

The e-mail, which Panda posts with a screen shot, is spoofed to look as if it comes from Microsoft Support: http://pandalabs.pandasecurity.com/microsoft-support-informs-you%E2%80%A6/
With a realistic-looking subject and e-mail body that attempts to piggy-back on the constant (and correct) advice to keep your computer up-to-date with patches, it's a great example of a social engineering attack.

But despite the lack of any obvious typos or grammatical errors, the e-mail does contain some clear clues. First, neither Microsoft nor any other company I know of sends patches or updates as e-mail attachments. But unless you happen to follow the breathless excitement of Patch Tuesdays, you might not pick up on that clue.

Which leaves the second giveaway: There's an attachment. Any file riding along with an e-mail should automatically draw your suspicious eye. Even if your antivirus app allows an attachment through, it's still a great idea to upload the file to: http://VirusTotal.com for a quick additional scan from about 40 other antivirus engines. Unless the attachment is a small-scale targeted attack, there's very good odds that at least some of the engines at the site will ID the threat.

In this case, Panda says unzipping and running the attached .exe would install the Bredolab.Y Trojan. And as an extra added bonus, it will also download a rogue antivirus program called SecurityTool.

(PCW)