    Trojan Masquerades as Microsoft Security Update

    Written by

    Ryan Naraine
    Published April 11, 2005

      Anti-virus vendors have raised the alarm for a malicious new Trojan masquerading as a critical Microsoft security patch.

      The e-mail-borne attack comes just days ahead of Microsoft's scheduled patch day and highlights a growing trend of using social engineering tactics to dupe users into downloading malicious files.

      According to an advisory from anti-virus specialist Sophos Inc., the attackers are using a coordinated e-mail campaign to direct users to download the bogus Microsoft patches from a malicious Web site.

      Even though Microsoft never sends out updates or security alerts via e-mail, Sophos senior technology consultant Graham Cluley said the public's rising paranoia about the security of Windows computers plays into the hands of the attackers.

      The e-mail includes the Microsoft Windows logo and is disguised under one of the following subject lines: “Update your Windows machine,” “Urgent Windows Update” and “Important Windows Update.”

      It purports to come from “Windows Update” (update@microsoft.com) and includes links pointing to an “Express Install: High Priority Updates For Your Computer.”

      If users follow the link in the e-mail and attempt to download the fake patch, a Trojan Horse is installed instead, allowing the attacker to hijack the computer remotely.

      Sophos has identified the file as Troj/DSNX-05, a backdoor Trojan that runs in the background as a server process allowing a remote user (using a client program) to gain access and control over the machine.

      When first run, the Trojan copies itself to the Windows System directory using the name of a randomly chosen DLL file and a .exe extension.

      Sophos warned that the Trojan then creates a registry entry to run the file automatically each time the infected machine is rebooted.
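
The two behaviours described above (an .exe in the System directory that borrows a DLL's name, plus an autorun entry pointing at it) can be checked together during triage. The following is an added example, not code from Sophos or the article; the directory listing, autorun entries and function names are constructed, and it assumes the borrowed DLL name belongs to a DLL in the same System directory. Hits are leads for review, not a verdict.

```python
import ntpath

# Constructed sample data (not from the article): a System directory listing
# and autorun entries as (value name, command line) pairs from a triage export.
SYSTEM_DIR = r"C:\WINDOWS\system32"
SAMPLE_LISTING = ["kernel32.dll", "msvcrt.dll", "msvcrt.exe", "notepad.exe",
                  "shell32.dll", "cmd.exe", "WS2_32.dll", "ws2_32.exe"]
SAMPLE_AUTORUNS = [
    ("ctfmon", r"C:\WINDOWS\system32\ctfmon.exe"),
    ("Updater", r'"C:\WINDOWS\system32\msvcrt.exe" -s'),
    ("Tray", r"C:\Program Files\Vendor\tray.exe /min"),
]

def exe_shadowing_dll(listing):
    """Return .exe names whose stem also exists as a .dll in the listing."""
    stems = {}
    for name in listing:
        stem, ext = ntpath.splitext(name.lower())
        stems.setdefault(stem, set()).add(ext)
    return sorted(s + ".exe" for s, exts in stems.items()
                  if {".exe", ".dll"} <= exts)

def command_target(command):
    """Extract the executable path from an autorun command line."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    # Unquoted: cut after the first ".exe" so paths with spaces survive.
    idx = command.lower().find(".exe")
    return command[:idx + 4] if idx != -1 else command.split(" ", 1)[0]

def flag_autoruns(listing, autoruns, system_dir=SYSTEM_DIR):
    """Return autorun entries that launch a DLL-named .exe from system_dir."""
    suspects = set(exe_shadowing_dll(listing))
    hits = []
    for value_name, command in autoruns:
        target = command_target(command)
        directory, filename = ntpath.split(target)
        if directory.lower() == system_dir.lower() and filename.lower() in suspects:
            hits.append((value_name, target))
    return hits

if __name__ == "__main__":
    print(exe_shadowing_dll(SAMPLE_LISTING))
    print(flag_autoruns(SAMPLE_LISTING, SAMPLE_AUTORUNS))
```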


      “This criminal campaign exploits the public's rising paranoia about the security of their Windows computers. If users fall for it, they may put themselves at risk of being spied upon or having their credit card and online banking details stolen,” Cluley said.

      He recommended that users keep up to date with the latest security patches from Microsoft, but stressed that users must be very careful to avoid downloading files received in e-mails.

      “[They must make sure] they are going to the official update Web sites, rather than just following links in e-mails which have been sent by hackers,” he said.

      “Microsoft does not issue security warnings in this way—so users should be on their guard whenever they receive an e-mail like this,” he added.

      Sophos has posted disinfection instructions for the Trojan.

      It's not the first time a bogus Microsoft security patch was used to trigger a worm attack.


      Back in 1994, a patch promising to protect users from the MyDoom worm turned out to be a malicious virus targeting Windows machines throughout Europe and parts of North America.

      That attack was also e-mail borne and arrived with a subject line of “Microsoft Alert: Please Read!”
