Deprecated: Assigning the return value of new by reference is deprecated in /home/download/IM-Framework/adodb/adodb.inc.php on line 888

Deprecated: Assigning the return value of new by reference is deprecated in /home/download/IM-Framework/adodb/adodb.inc.php on line 1913

Deprecated: Assigning the return value of new by reference is deprecated in /home/download/IM-Framework/adodb/adodb.inc.php on line 1985
Trojan Disguised as a Microsoft Security Patch - DownloadForge
 
Home » News » Security » Trojan Disguised as a Microsoft Security Patch


Trojan Disguised as a Microsoft Security Patch

Security News | 19-Oct-2006
Views 510 | Rating 
 | Rate it! 

The security experts from Avira announced that there is a Trojan in circulation, “TR/Dldr.Stration.C”, since last night. This Trojan was sent via email in the wee hours of the morning. After the user had started the computer, the Trojan will download and activate a worm already known as “Worm/Stration.C”: The infected email will then disguise in an administration email. Moreover, the email has an attachment and can be recognized after the following English subjects:
• Error
• Good day
• hello
• Mail Delivery System
• Mail Transaction Failed
• picture
• Mail Server Report
• Status
• test “Mail server report”

The file names of the attachments are very much alike the typical Microsoft patch programs like for instance: "Update-KB%Nummer%-x86.exe" or "Update-KB%Nummer%-x86.zip" whereby the placeholder is an incidental number. Furthermore, a Windows mask will pop up showing the following message: “Update successfully installed”.

“Within a few hours after the outbreak, our special observation networks, the so called traps, already contained more than 4000 copies of the Trojan. In this way we came to the conclusion that the malware was spreading strongly and very rapidly”, explains Gernot Hacker, Security Expert at Avira. “Through the new heuristic AHeAD, Avira AntiVir was able to proactively detect 36 different variants of the Trojan and to ward off reliably. Particularly these kinds of Trojans are used very often for attacks in order to infiltrate programs into the computer where they can procure the access for further criminal attacks. In the majority of cases, the users don’t even notice anything.

The affected systems are Windows operating systems running on Windows 95, 98, 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP und Windows 2003.
 


Todays's Headlines
Related news:
 
 
 
Copyright @2005-2011 InsideMedia SRL. All rights reserved.
Copyright informations | Terms of use | Privacy policy | Contact us | Help center | Gazduire web