According to BitDefender, a Trojan horse is being distributed as an email attachment and the message, once again, is meant to lure the target into downloading the malicious software. BitDefender detects this threat as Trojan.Generic.3783603, which is apparently the same as a file that was already being passed around in an email faking a Facebook password change.
This time around, the social engineering is exploiting another popular subject of the computer world: Windows 7. Since coming into general consumer availability in October 2009, Miscrosoft's latest operating system has been very popular. Today's malware focuses on people's desire to upgrade to Windows 7 by offering a free compatibility checker called "Windows 7 Upgrade Advisor". The message reads like this:"Find out if your PC can run Windows 7!
To see if your PC is ready for Windows 7, download the free Windows 7 Upgrade Advisor. It scans your PC for potential issues with your hardware, devices, and installed programs, and recommends what to do before you upgrade.
Attention!
Information about your PC will be sent to Microsoft, but no information will be used to identify or contact you.
Thank you!" Putting aside the attached malware, this email looks rather legitimate and many users can be compelled to try out the attached software. In fact, the above text uses sentences coming from Microsoft's own compatibility checker information page. Even the file's name (except for the ZIP extension) is the same as the real application.
Once the malicious file is run on the target computer, the trojan installs a backdoor which allows the attackers to do pretty much whatever they want, from installing key-logging software to sending spam. And according to Catalin Cosoi, head of BitDefender's Online Threats Lab, the infection is expected to spread quite rapidly as users fall for the scam.
Remember that a serious company such as Microsoft will never send software by email. Instead, they may offer the user to visit their Web site in order to download applications. But then again, some spam campaigns use malicious links included in emails to infect their targets, so always be careful when following links from electronic messages, even if they seem to come from a legitimate source.
|
