3 replies to this topic

[TwistedMetal]

US-CERT has received reports of an email message circulating purporting to be a Microsoft Security Bulletin. The email directs the user to download and install an executable that is supposed to be a cumulative patch. Through the use of social engineering that attacker is hoping to trick the user into thinking they will be installing a cumulative patch when in fact they are installing a version of SDBot, a commonly used Trojan horse.

This variant of SDBot is part of a family of backdoor Trojan horse programs commonly controlled remotely by an attacker via Internet Relay Chat (IRC). Some variants of SDBot may not be detected by anti-virus applications.

In 2003, a similar email message masquerading as a Microsoft Security Bulletin was circulated via email. Users that clicked on the link in this email message were infected with the Swen mass-mailing worm.

US-CERT recommends:

* Users do not follow unsolicited web links received in email messages.
* Users should manually type in the URL when attempting to go to the web sites recommended in an email.
* Users install anti-virus software, and keep its virus signature files up-to-date.

[Dheeraj]

it is not that easy to fool win server 2003

it offers high security over internet

[LEEnoble]

Dheeraj, on Jul 2 2005, 05:45 AM, said:

it is not that easy to fool win server 2003

it offers high security over internet

<{POST_SNAPBACK}>

Are you a muppet?

[Andavari]

Kermit!