Fake Microsoft update is malware in disguise

By Justin Goodwins     May 23, 2011 in Internet
Have you recently received an email from Microsoft claiming that you need a security update? Beware: this is not from Microsoft, but rather a spam attempt to get you to download malware.
This email was initially sent in French, but may be showing up in different languages. The file name for this particular nasty is SECURITY_FIX_0231.exe. Already, antivirus manufacturers are scrambling to provide updates to combat this newest internet threat.
According to Cisco, the message you receive in an email might look like this:
Subject: URGENT: Critical Security Update
Message Body:
Dear Microsoft Customer,
Please notice that Microsoft company has recently issued a Security Update for Microsoft Windows OS.
The Security Update is to prevent malicious users from getting access to your computer files.
The update applies to the following OS versions:
Microsoft Windows 98, Microsoft Windows 2000, Microsoft XP, Microsoft Windows 7.
Please notice, that present update applies to high-priority updates category. In order to help protect your computer against security threats and performance problems, we strongly recommend you to install this update.
Since public distribution of this Update through the official website would have result in efficient creation of a malicious software, we made a decision to issue this security update via e-mail. In order to start the update, follow these steps:
1. Download the update using the following link:
hxxp://twotowers.ca/newsletter/users/microsoft.ca/update/SECURITY_FIX_0231.exe
2. Double-click on SECURITY_FIX_0293.exe to start the installation.
This is an Automated Message produced by Microsoft Canada Co., Please Do Not Reply
________________________________
Dear Microsoft customer,
The Microsoft company has recently published a security update for Microsoft Windows OS.
The purpose of this update is to prevent malicious users from gaining access to your computer files.
The update applies to the following OS versions:
Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows 2003, Microsoft XP, Microsoft Windows 7.
Please note that the current update applies to updates in the priority category.
In order to protect your computer against threats and performance and security problems,
we strongly recommend that you install the update as quickly as possible.
Since public distribution of this update on the official Microsoft website would have resulted in the efficient creation of malicious software, we have made a decision to publish this security update via email.
To proceed with installing the update:
1. Download the installation file here:
hxxp://twotowers.ca/newsletter/users/microsoft.ca/update/SECURITY_FIX_0231.exe
2. Double-click on SECURITY_FIX_0293.exe to begin the installation.
This is an automated message produced by Microsoft Canada Co.
Microsoft Canada Co.
1950 Meadowvale Blvd
Mississauga, ON
L5N 8L9 CANADA
Tel: 905-568-0434
Fax: 905-568-1527
Web: www.microsoft.ca
Apparently this particular piece of malware is part of a spam campaign for the notorious ZeuS crimeware toolkit. The goal of the ZeuS crimeware toolkit is the easy creation of custom-tailored botnets. For those who don’t know, a botnet is a piece of software that infiltrates root systems on a user’s computer and hijacks it. Once a system is hijacked, a hacker can control the user’s computer. This includes not only the ability to log all data and personal information (e.g. credit card, bank info, etc.), but also to turn the user’s system into a zombie for use in distributed network attacks against other networks. One of the more infamous botnets created with the ZeuS crimeware toolkit was the Kneber botnet, which in 2010 infected over 74,000 users’ systems.
To protect yourself from potential infection by this virus and others, follow some simple steps:
1. Never open an email claiming to be an update from Microsoft, Sun Java, or any other company. None of the major companies ever provide links to updates via email. If you’re in doubt about the validity of an update go to the company’s website for more information.
2. Make sure your antivirus software is fully updated. If you have to, go directly to your antivirus provider’s website and download the latest patches, which may not be included in your daily update.
3. Run a full virus scan of your system at least once a week.
4. Get a Rootkit analyzer such as Sophos Anti-Rootkit, Panda Anti-Rootkit, or Avira Anti-Rootkit. Be sure to thoroughly read documentation for the software before using it, as you can harm your system by removing critical files with an Anti-Rootkit.
5. If you don’t have an antivirus program…get one. Take a look at some of the top-scored antivirus software according to http://www.av-comparatives.org/. Among the best is the free program avast!.
Follow these simple steps and you’re fairly certain to remain virus, malware and botnet free. Remember, hackers try to make their wares look as legitimate as possible, so always double check before clicking any unknown link in an email, or downloading anything you haven’t verified first.
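The quoted message carries several signs that a mail filter can check automatically: an executable download hosted on a domain that is not the claimed sender's, the brand name tucked into the URL path, and a file name in the instructions that differs from the one linked. The following Python is an added example, not part of the original article; the allow-list of vendor domains and the indicator names are assumptions made for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed sample: subject, link and instruction lines from the message quoted above.
SAMPLE = """Subject: URGENT: Critical Security Update
Dear Microsoft Customer,
1. Download the update using the following link:
hxxp://twotowers.ca/newsletter/users/microsoft.ca/update/SECURITY_FIX_0231.exe
2. Double-click on SECURITY_FIX_0293.exe to start the installation.
"""

# Assumption: illustrative allow-list of domains the claimed sender really uses.
VENDOR_DOMAINS = {"microsoft": ("microsoft.com", "windowsupdate.com")}
EXEC_EXT = (".exe", ".scr", ".pif", ".bat", ".msi")
URL_RE = re.compile(r"\b(?:hxxps?|https?)://[^\s<>\"']+", re.I)
FILE_RE = re.compile(r"\b[\w.-]+\.(?:exe|scr|pif|bat|msi)\b", re.I)


def refang(url):
    """Turn a defanged URL (hxxp://, [.]) back into a parseable one."""
    return re.sub(r"^hxxp", "http", url, flags=re.I).replace("[.]", ".")


def host_allowed(host, domains):
    return any(host == d or host.endswith("." + d) for d in domains)


def analyze(text, brand="microsoft"):
    """Return (indicator, evidence) pairs for a message claiming to be from `brand`."""
    findings, linked = [], set()
    claims_brand = brand in text.lower()
    for raw in URL_RE.findall(text):
        url = urlparse(refang(raw))
        host = (url.hostname or "").lower()
        off_brand = claims_brand and not host_allowed(host, VENDOR_DOMAINS[brand])
        if off_brand:
            findings.append(("off_brand_host", host))
        if off_brand and brand in url.path.lower():
            findings.append(("brand_in_path", url.path))
        if url.path.lower().endswith(EXEC_EXT):
            name = url.path.rsplit("/", 1)[-1]
            linked.add(name.lower())
            findings.append(("executable_link", name))
    # File names the body tells the reader to run, outside of any URL.
    named = {f.lower() for f in FILE_RE.findall(URL_RE.sub(" ", text))}
    if linked and named - linked:
        findings.append(("filename_mismatch", sorted(named - linked)))
    return findings


if __name__ == "__main__":
    for indicator, evidence in analyze(SAMPLE):
        print(f"{indicator}: {evidence}")
```

Any single indicator is weak by itself; a filter would normally score them together and quarantine the message rather than act on one match.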