This is probably the type of support one wouldn’t want to have.

Spammed email messages were found pretending to come from Microsoft Windows Support and claiming that Microsoft Service Pack 1 and Service Pack 2 have been discovered to have an error that can damage the computer’s software or even the hardware.

Figure 1. Spammed messages purporting to come from Windows Support

These messages encourage users to download and install a file in order to fix the problem. When users click the download button, they are redirected to a site and asked to download a file, which Trend Micro detects as TROJ_DLOADER.CUT.

Figure 2. User is prompted to download a malicious file

TROJ_DLOADER.CUT connects to a certain URL to download another malicious file, which in turn is detected by Trend Micro as TSPY_BANKER.MCL. TSPY_BANKER.MCL monitors the affected user’s online transactions and steals banking-related information.

Few TSPY_BANKER variants have been reported in connection with notable attacks recently, and this incident may well mark the end of that hiatus. Users are advised to ignore spammed messages and, more importantly, to never click links embedded in these messages.

Trend Micro users are protected from this attack by the Smart Protection Network, as the related files, spam, and URL are already detected and blocked.

Post from: TrendLabs | Malware Blog – by Trend Micro

Fake Windows Support Spam Brings Forth an Info-Stealer
