Trojan Disguised as Microsoft Patch; Identity Theft
Trojan Disguised as Microsoft Patch
Another new Trojan, Xombe/Downloader-GJ, attempts to fool people by claiming to be a critical patch from Microsoft. It has a downloader component which will attempt to retrieve a Trojan file from a predetermined website. According to the anti-virus vendors' website, the site has now been disabled.
The subject of the email is "Windows XP Service Pack 1 (Express) - Critical Update", with sender email as "windowsupdate@microsoft.com". The attachment is named as "winxp_sp1.exe" (4,096 KB).
According to Microsoft, they will not send patches via email. If you receive such emails, be wary as most likely it is attempting to trick you to execute some malware.
For more information on this Trojan, please refer to the following:
http://securityresponse.symantec.com/avcenter/venc/data/trojan.xombe.html
http://www.f-secure.com/v-descs/xombe.shtml
http://vil.nai.com/vil/content/v_100945.htm
http://www.sophos.com/virusinfo/analyses/trojdloaderl.html
http://www3.ca.com/virusinfo/virus.aspx?ID=37965
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_XOMBE.A
Identity Theft
An interesting article on "Account takeover leading to identity theft":
http://www.cardcops.com/account_takeover.htm
This article discussed the threat on how hackers can retrieve your personal information from various means leading to identity theft.
Another new Trojan, Xombe/Downloader-GJ, attempts to fool people by claiming to be a critical patch from Microsoft. It has a downloader component which will attempt to retrieve a Trojan file from a predetermined website. According to the anti-virus vendors' website, the site has now been disabled.
The subject of the email is "Windows XP Service Pack 1 (Express) - Critical Update", with sender email as "windowsupdate@microsoft.com". The attachment is named as "winxp_sp1.exe" (4,096 KB).
According to Microsoft, they will not send patches via email. If you receive such emails, be wary as most likely it is attempting to trick you to execute some malware.
For more information on this Trojan, please refer to the following:
http://securityresponse.symantec.com/avcenter/venc/data/trojan.xombe.html
http://www.f-secure.com/v-descs/xombe.shtml
http://vil.nai.com/vil/content/v_100945.htm
http://www.sophos.com/virusinfo/analyses/trojdloaderl.html
http://www3.ca.com/virusinfo/virus.aspx?ID=37965
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_XOMBE.A
Identity Theft
An interesting article on "Account takeover leading to identity theft":
http://www.cardcops.com/account_takeover.htm
This article discussed the threat on how hackers can retrieve your personal information from various means leading to identity theft.
Keywords:
0 comment(s)
×
![modal content]()
Diary Archives
Comments