
Trojan Horse Rides in on Fake Windows Update

By Susan B. Shor
Apr 11, 2005 9:08 AM PT

As computer users get more sophisticated, so too do the schemes to ensnare them. Security company Sophos warned Friday that a bogus Web site, set up to look like the Microsoft Windows Update page, was luring Windows users into downloading a Trojan horse.

The scammers sent e-mails with subject lines such as "Urgent Windows Update," "Update your windows machine" and "Important Windows Update." The e-mails encouraged people to update their Windows software immediately and included the link to the bogus site.

Windows Quarterly Updates

Microsoft does not notify users of updates through e-mails, but it is believed that the messages may have been timed to take advantage of Microsoft's scheduled quarterly updates, which will be released tomorrow.

"More and more users are realizing that unsolicited e-mail attachments can be malicious, and so the technique used in this instance is to not have an e-mail attachment but to link to a bogus Web site instead, rather like a phishing attack," Graham Cluley, Sophos senior engineer, told TechNewsWorld.

Simple Set-up

The site has since been shut down, which is the Web community's greatest defense against this combination e-mail/phishing scam, but it is not difficult to re-create, Cluley said.

"It is child's play to create a fake Web site which looks like someone else's. Even a semi-competent technical person could do it in an hour or two," he said. "The difficulty for the hacker is keeping the Web site active. Once a malicious attack like this occurs then there will be pressure from ISPs and the security community to have the Web site shut down to prevent the malware from being spread any further."

If a user went to the site and tried to download the bogus Windows update, their PC would instead be infected with the Trojan horse Troj/DSNX-05. Troj/DSNX-05 gives remote control of the infected PC to the hackers.

Once they have control, hackers can do a number of malicious things, including spying on a user's activity. Keystroke monitoring can allow hackers to get a hold of credit card and bank account information. The PC can also be used to send spam or launch denial of service attacks.
