Windows Vista Magazine advert
Welcome, Guest. Please Sign in (or Register) Welcome,  (Profile | Log out)
Real-world guides, help, tips and buying advice from the Windows Vista community
Home
My Home
Blogs
Windows Vista Help
Guides
Shop
Message Boards

Buy this issue now
Subscribe
See all issues
Win some great prizes in our fantastic competitions!
Sign up for the Windows Vista: The Official Magazine newsletter

Download our Windows Sidebar gadget and keep up to date with Windows Vista news




Discounted books and online courses to help you get the most from Windows Vista, Microsoft Office and your PC




Get your question answered with our help request service!









Home > People > ajaypathak > Blog

Beware of Fake Microsoft Security Update Email

Comments (0) | E-mail | Print
Click once to vote this item up the content rankings  0 Votes | Click to indicate that you'd like to hear less from this author | What's this?

Barracuda Networks, a security company said that they have spotted a malicious “backdoor” virus. The virus, categorized by Barracuda Central as “Trojan.Backdoor.Haxdoor,” is delivered as an attachment to an email allegedly from the Microsoft Secu...
By ajaypathak on 11 October 2008

Barracuda Networks, a security company said that they have spotted a malicious “backdoor” virus. The virus, categorized by Barracuda Central as “Trojan.Backdoor.Haxdoor,” is delivered as an attachment to an email allegedly from the Microsoft Security Assurance team and utilizes several innovative social engineering techniques, such as using Microsoft KnowledgeBase naming conventions for the file attachment, as well as the inclusion of a PGP signature block at the bottom of the email message.  The email informs the recipient that “Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millennium, Microsoft Windows XP, Microsoft Windows Vista.” Further, the fake email “strongly” recommends that the recipient install a “update” to “protect your computer against security threats and performance problems.”   Once installed, Barracuda Central determined that the malware "phones home," and leaves an outbound TCP connection open presumably to await further instructions.

Stephen Pao, vice president of product management for Barracuda Networks, said

The leverage of the Microsoft name, the inclusion of an apparent PGP signature block - frequently used by security professionals - and the routine nature in which users are accustomed to applying software updates make for a dangerous and potentially effective combination of social engineering techniques in this particular attack.Unsuspecting users without the proper virus protections in place, could mistakenly install the malware.  Based on the volume of real-time blocks reported by the Barracuda Real-Time Protection system in the outbreak’s early stages, we know the attack hit a significant global footprint.

Source : Barracuda Networks Detects and Blocks "Backdoor" Virus Sent via Fake Microsoft Security Update Email

Share

Note: This blog entry was originally posted on feedproxy.google.com. View original post

Comments (0) | E-mail | Print
Click once to vote this item up the content rankings  0 Votes | Click to indicate that you'd like to hear less from this author | What's this?

Appreciate this article? If so please vote positively to help push it up the rankings Click once to push vote this item up the content rankings. This helps the community find good material, and your voting enables our systems automatically personalize your experience.

Comments



Leave a Comment:
Username: 
Password: 


   
Related posts...
post+
Top blog posts
Microsoft Updates Windows Vista SP1 RC 
by computerpro2
Microsoft said today that the company planned to release an updated Windows Vist... (more)
Update on Microsoft Security Advisory 943521 
by JoshPhillips
Bill Sisk reported in The Microsoft Security Response Center (MSRC) blog that S... (more)
Microsoft Released Security Update for Internet Explorer, Update NOW 
by Vishal Gupta
Recently security experts found a security exploit in all Internet Explorer vers... (more)
Show More...
post+
Popular Guides
Security Sin 1 - "I don't need anti-virus software because I'm not at risk" 
In Get Started, by Vista Mag UK
Are your kids safe on social networks? 
In Communications, by admin
Security Sin 5 - “If I receive an email offer I always check it out – it could save me money!” 
In Get Started, by Vista Mag UK
Show More...
post+
Web favourites
www.javiercampos.info - 10 stupid Anti-Microsoft/Windows Vista claims 
www.theregister.co.uk - What does Microsoft's European defeat mean to you? 
www.theregister.co.uk - Vista raises the bar for flaw finders 
www.inspirare.net - Windows Vista power users guide 
www.vista4beginners.com - Transform your Windows Vista into a Mac OS X Leopard - Part 2 
Show More...
Hot Board Posts
What's your Windows Experience Index score? Vote and let us know!
In Windows Vista: The Official Magazine (UK), by NickO
Replies (316)
Which edition of Windows Vista do you have on your PC?
In Windows Vista: The Official Magazine (UK), by NickO
Replies (141)
Compaq laptop wireless not working
In Hardware Help, by bluesman
Replies (80)
Show More...
Future plc Logo © Copyright Future Publishing Limited. Reg No. 2008885 England. 30 Monmouth Street, Bath, BA1 2BW. All rights reserved
Windows Vista: The Official Magazine is produced with input from Microsoft but is an independent publication. Windows Vista and the Windows Vista Start logo are trademarks of the Microsoft group of companies and are used under license from owner. Microsoft is not responsible for the contents of this publication.
Read our privacy policy | Read our terms and conditions | Work for us