Bogus Microsoft Message Includes ‘Backdoor’ Trojan

Barracuda Networks, the worldwide leader in web security, recently announced that they have identified a new Trojan that tries to infix a backdoor on its target's computer. It circulates through an e-mail claiming to be a Microsoft Windows update at a domain called securityassurance@microsoft.com.

The message notified the receiver about a just released security update by Microsoft for its Windows operating systems. The message header claimed to be a Microsoft security update for Windows OS. The update is compliant with various Microsoft OSs like Microsoft Windows 2000, Microsoft Windows 98, Microsoft Windows Millenium, Microsoft Windows Vista and Microsoft Windows XP.

Moreover, the fake e-mail also urged the receivers to download an update to defend their computing system against security risks and operating troubles. According to Barracuda Networks, immediately after the update was deployed, it inserted the malicious software called "phones home" that kept an outgoing TCP link open in anticipation of more commands.

Barracuda Networks' Vice President of Product Management, Stephen Pao, alleged that the application was not a Microsoft update, but instead a Trojan named "Trojan.Backdoor.Haxdoor", which could easily turn PCs into bots or allow a hacker to hack the computer networks of business houses, as reported by SCMagazine on October 13, 2008.

Pao also asserted that Microsoft's popular brandname was often exploited by hackers, and the routine manner in which people installed security updates made it a target of attacks using hazardous and potentially powerful blend of social engineering methods.

The security analysts stated that the hackers employed a blend of social engineering methods such as the utilization of Microsoft KnowledgeBase for naming the attachment and the insertion of a PGP signature in the e-mail.

Pao added that cyber crooks victimized many people and especially those who had succumbed to the urge of updating their Windows OS.

Therefore, analysts said that unwary users without any appropriate antivirus shield could erroneously deploy the malicious software and might even damage their computing systems. Besides, SANS Internet Storm Center claimed that their company had got five reports from customers warning them about the computer virus.

Related article: Bugs Swell In Browsers in 2006

» SPAMfighter News - 15-10-2008

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial