Digital Edition

SYS-CON.TV
Trojan Horse Targets Microsoft Users
Fake Website Drags Phishing and Spoofing to New Lows

"Mike" is a seasoned reporter who has covered IT for more than two decades. He's used to getting hundreds of spam messages a day, and more recently, a continuous streams of directives imploring him to "fix" some problems with his accounts at Citibank, Washington Mutual, PayPal, and eBay. (He actually has an account at only one of those.)

Now comes word of an effort to direct users to a fake website that looks like Microsoft's Windows Update page, according to Sophos, an "anti-virus, anti-spam" firm in Vancouver, Canada. The company described fake headlines such as "New Bagle Variant Combines Spam, Trojan Horses" in the malicious messages.

Mike, who wishes to remain anonymous, also received one of these messages when he checked his e-mail first thing Saturday morning in the U.S. "It looked like B.S. to me," he said, "but it was yet another annoyance that kept me from doing what I wanted to do. And it came to my business e-mail account, so I assume everyone else in the company got one. What if just one of them is fooled? Will this virus spread throughout our network?"

A check at Symantec's web site didn't show any news about this specific threat, but did show two other threats classified as "wild" that emerged this morning, one that simply opens a back door for potential future access and one that will shut down an infected computer. The site run by the Trojan Horse gang was originally registered in Canada, and has now been shut down. But past history has shown that virus-writers come from all over the world, including the Philippines, Bulgaria and other former Soviet Block countries. In other words, from anywhere.

With website registration still being a relatively easy, inexpensive process, with the ability to send millions of messages simultaneously still a relatively inexpensive exercise, and with hundreds of millions of Internet users in the world, many of them unwary to the ways of Internet criminals, Mike says he doesn't see the end of this sort of thing anytime soon.

"I guess it's like a house or a car," he says. "You have to do the dishes every day. You have to vacuum and take out the trash. You have to keep your car clean and change the oil. And you have to devote a lot of time to defending your computer from all the Internet jokesters and criminals. Frankly, I'd rather be doing something else, but I have no choice."

 

About Security News Desk
SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

The explosion of new web/cloud/IoT-based applications and the data they generate are transforming ou...
CI/CD is conceptually straightforward, yet often technically intricate to implement since it require...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple ...
Enterprises are striving to become digital businesses for differentiated innovation and customer-cen...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As au...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't com...
The now mainstream platform changes stemming from the first Internet boom brought many changes but d...
DXWorldEXPO LLC announced today that All in Mobile, a mobile app development company from Poland, wi...
DXWorldEXPO LLC announced today that Ed Featherston has been named the "Tech Chair" of "FinTechEXPO ...
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in developm...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: D...
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with e...
In this presentation, you will learn first hand what works and what doesn't while architecting and d...
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitori...
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use ...
If your cloud deployment is on AWS with predictable workloads, Reserved Instances (RIs) can provide ...
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear...
We build IoT infrastructure products - when you have to integrate different devices, different syste...
Consumer-driven contracts are an essential part of a mature microservice testing portfolio enabling ...