Spoofed Microsoft Internet Explorer 7 Update site installs a trojan

SurfControl Threat Analysis team has received a spoofed e-mail message, claiming to be from support@microsoft.com, which offers a link to download Release Candidate 1 of Microsoft Internet Explorer 7.
 
This threat takes advantage of the release of Internet Explorer 7 by Microsoft last week.  If the recipient of the e-mail clicks on the provided links a website is launched that looks very similar to a legitimate Microsoft page, however, it installs a Trojan Downloader via a browser exploit targeted at Internet Explorer, and effectively creates a backdoor on the infected system.
 
 Techniques:
 
-  Spammer sends an email from a spoofed Microsoft address to increase level of trust.
-  Takes advantage of recent update to Microsoft Internet Explorer.
-  Uses a webpage that mimics the Windows update site.
-  Installs a Trojan downloader effectively creating a backdoor on the infected system.




Share this