Fake Microsoft patch malware campaign makes a comeback
During the last couple of hours, a fake Microsoft patch themed malware campaign was restarted by its botnet masters, once again spamming a non-existent Update for Microsoft Outlook / Outlook Express (KB910721) as officexp-KB910721-FullFile-ENU.exe detected as VirTool:Win32/Obfuscator.
Some of the subjects used in the campaign include Microsoft has released an update for Microsoft Outlook; Install Critical Update for Microsoft Outlook; and Microsoft Outlook Critical Update.
These particular botnet masters have also been actively multitasking during the last two months, having launched a Chase phishing campaign, another one this time themed with a "Who Killed Michael Jackson?" message, as well as a phishing campaign impersonating the United Services Automobile Association.
The fast-flux botnet also acts as a good example of why end users shouldn't interact with spam messages in general, since the Michael Jackson themed campaign was attempting to infect the users who clicked on the spam link by using an Office Snapshot Viewer exploit.
