Bogus Microsoft security bulletin hides Trojan

By Iain Thomson on Jul 2, 2007 7:00AM
Bogus Microsoft security bulletin hides Trojan
Experts are warning of a bogus Microsoft security bulletin that contains malware designed to take control of the user's PC.

The emails contain the header 'Microsoft Security Bulletin MS07-0065' and come with Microsoft logos and a layout very similar to the Microsoft web page.

Recipients are told that a zero-day flaw in Outlook has already been exploited to infect over 100,000 machines, and the email contains a link to the 'patch' for the problem.

"Security bulletins from Microsoft describing vulnerabilities in its software are a common occurrence, so it comes as no surprise to see hackers adopting this kind of disguise in their attempt to infect Windows PCs," said Graham Cluley, senior technology consultant at Sophos.

"The irony is that, as awareness of computer security issues and the need for patching against vulnerabilities have risen, social engineering tricks which pose as critical software fixes are likely to succeed in conning the public."

The link in fact downloads the Behav-112 Trojan, which allows the computer to be operated remotely to send spam or take part in distributed denial-of-service attacks.

The emails have been widely spammed out over the past few days.



Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
bogus bulletin hides microsoft security trojan

Partner Content

Why Most MSPs Are Invisible (And What the Smart Ones Are Doing Instead)
Why Most MSPs Are Invisible (And What the Smart Ones Are Doing Instead)
Have ticket queues become your quiet business risk?
Have ticket queues become your quiet business risk?
Think Technology Australia deliver massive ROI to a Toyota dealership through SharePoint-powered, automated document management
Think Technology Australia deliver massive ROI to a Toyota dealership through SharePoint-powered, automated document management
Easily turn small, low-tech rooms into future-ready collaboration hubs
Easily turn small, low-tech rooms into future-ready collaboration hubs
Shortfalls in cyber expertise deepen the cost and complexity of security incidents
Shortfalls in cyber expertise deepen the cost and complexity of security incidents

Sponsored Whitepapers

Protect the data your business relies on
Protect the data your business relies on
Cut through the SASE confusion
Cut through the SASE confusion
Stay protected as cyber threats evolve
Stay protected as cyber threats evolve
Defend Your Network from the Next Generation of AI Threats
Defend Your Network from the Next Generation of AI Threats
The race to AI advantage is on. Don’t let slow consulting projects hold you back.
The race to AI advantage is on. Don’t let slow consulting projects hold you back.

Events

Pipeline 2026: Game Changers
Pipeline 2026: Game Changers

Most read articles

Digital61 expands cybersecurity portfolio

Digital61 expands cybersecurity portfolio
SentinelOne signs distribution agreement with Sektor

SentinelOne signs distribution agreement with Sektor
HamiltonJet partners with digital services provider Fortude

HamiltonJet partners with digital services provider Fortude
Save-the-dates for Pipeline 2026: We're levelling up to Hamilton Island in May!

Save-the-dates for Pipeline 2026: We're levelling up to Hamilton Island in May!

Log in

Email:
Password:
  |  Forgot your password?