Trojan Horse Rides in on Fake Windows Update

By Susan B. Shor
Apr 11, 2005 9:08 AM PT

As computer users get more sophisticated, so too do the schemes to ensnare them. Security company Sophos warned Friday that a bogus Web site, set up to look like the Microsoft Windows Update page, was luring Windows users into downloading a Trojan horse.

The scammers sent e-mails with subject lines such as "Urgent Windows Update," "Update your windows machine" and "Important Windows Update." The e-mails encouraged people to update their Windows software immediately and included the link to the bogus site.

Windows Quarterly Updates

Microsoft does not notify users of updates through e-mails, but it is believed that the messages may have been timed to take advantage of Microsoft's scheduled quarterly updates, which will be released tomorrow.

"More and more users are realizing that unsolicited e-mail attachments can be malicious, and so the technique used in this instance is to not have an e-mail attachment but to link to a bogus Web site instead, rather like a phishing attack," Graham Cluley, Sophos senior engineer, told TechNewsWorld.

Simple Set-up

The site has since been shut down, which is the Web community's greatest defense against this combination e-mail/phishing scam, but it is not difficult to re-create, Cluley said.

"It is child's play to create a fake Web site which looks like someone else's. Even a semi-competent technical person could do it in an hour or two," he said. "The difficulty for the hacker is keeping the Web site active. Once a malicious attack like this occurs then there will be pressure from ISPs and the security community to have the Web site shut down to prevent the malware from being spread any further."

If a user went to the site and tried to download the bogus Windows update, their PC would instead be infected with the Trojan horse Troj/DSNX-05. Troj/DSNX-05 gives remote control of the infected PC to the hackers.

Once they have control, hackers can do a number of malicious things, including spying on a user's activity. Keystroke monitoring can allow hackers to get a hold of credit card and bank account information. The PC can also be used to send spam or launch denial of service attacks.
