ie8 fix
madison

Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev
Home / News & Blogs / Zero Day

Fake Microsoft Patch Tuesday malware campaign spreading

By | October 14, 2008, 3:00pm PDT

Summary: Malicious attackers are once again taking advantage of event-based social engineering attacks, and are currently mass mailing fake notifications for Microsoft’s Patch Tuesday, attaching a copy of Trojan.Backdoor.Haxdoor, next to a legitimately looking PGP signature which is, of course, fake too : “We received some questions from customers about an e-mail that’s circulating that claims to [...]

Fake Microsoft Update EmailMalicious attackers are once again taking advantage of event-based social engineering attacks, and are currently mass mailing fake notifications for Microsoft’s Patch Tuesday, attaching a copy of Trojan.Backdoor.Haxdoor, next to a legitimately looking PGP signature which is, of course, fake too :

“We received some questions from customers about an e-mail that’s circulating that claims to be a security e-mail from Microsoft. The e-mail comes with an attached executable, which it claims is the latest security update, and encourages the recipient to run the attached executable so they can be safe. While malicious e-mails posing as Microsoft security notifications with attached malware aren’t new (we’ve seen this problem for several years) this particular one is a bit different in that it claims to be signed by our own Steve Lipner and has what appears to be a PGP signature block attached to it. While those are clever attempts to increase the credibility of the mail, I can tell you categorically that this is not a legitimate e-mail: it is a piece of malicious spam and the attachment is malware. Specifically, it contains Backdoor:Win32/Haxdoor.”

Is timing everything when it comes to the success rate of such malware campaigns? Not necessarily.

Despite the touch points aiming to improve the trust factor, like mentioning a real Microsoft employee, spoofed FROM field as securityassurance AT microsoft.com, next to the PGP signature, given the fact that the emails aren’t personalized and that spam outbreaks spreading malware by capitalizing on Microsoft’s brand have cyclical pattern, namely, they re-appear every year (2005, 2007, 2008) the average end user is supposed to have a basic security awareness of this tactic. More info on the campaign :

Furthermore, this backdoor opens several TCP ports that allow remote attackers to connect to the comprmised PC and execute files, steal information from it, or upload and download files. The attachment’s file name varies, but uses the convention KBxxxxxx.exe, where xxxxxx is a random 6-digit number. Below are some of the file names we’ve seen, and are being used:

KB199250.exe
KB246586.exe
KB535548.exe
KB572906.exe
KB763412.exe

Compared to the recent targeted malware attack against U.S schools, and the massive fake CNN news items campaign taking advantage of client-side vulnerabilities, this one is definitely going to have a lower success rate - no matter the timing.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Security, Cybercrime, Social Engineering, Patch Tuesday, Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Disclosure

Dancho Danchev

More details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile.

Biography

Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community on a daily basis. More details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile. You can also follow him on Twitter

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion
67
Comments
Add Your Opinion

Join the conversation!

Just In

interesting
pgit 5th Aug 2009
Using Linux, I downloaded these whatever they are things from the link provided.

First thing I notice is the file name changes randomly each time I save the file.

Secondly, and this is the scary part, the contents of the file are my own index.html page on this machine! I downloaded several times and all of them the same, the contents of whatever this script is/does grabs the index.html of the machine it's loading on.

Fascinating. If anyone can explain that I'm all ears.

BTW the index readis in it's entirety "It works!" This is the default Mandriva apache config. I'm running a a server on this so I can have a wiki.
View in thread
0 Votes
+ -
owning a computer
Monosdeja 14th Oct 2008
these peeps whom click on the email should not be allow to own a computer. period until they go through security training for 1 year
0 Votes
+ -
It doesn't always take an email.
Zogg 15th Oct 2008
I've previously googled for something (something technical ;-)), clicked on a link, and suddenly had a pop-up appear that claimed to be scanning my C drive before finding a virus! Except that I was browsing on a Linux box at the time...

There are lots of ways for malware to get onto your PC. Are you confident that you're always going to be able to spot them all? What if drive-by malware can get referenced in Google's cache...?
0 Votes
+ -
You'd have to be dumb
owen35ny 15th Oct 2008
to hit a link for a MS update, especially when your os tells you if
new ones are available.
0 Votes
+ -
You think so?
liquidglow 15th Oct 2008
You would be surprised at how many people these days who are still not very computer literate. For example, a new PC with Vista was purchased for my mother who is in her 50's so that she could maintain her e-mail account and keep in contact with family and friends and play online card games and whatnot...simple stuff. She can navigate her way around the OS for the most part. But she is one of those people who sees a flashing banner on the web telling her she's won something and will believe it's her lucky day.

To her credit, she can spot obvious attack attempts such as those e-mails claiming to be a long lost relative from Russia who is trying to regain contact. But I can gaurantee that she would not be able to recognize this type of e-mail for what it is and would consider it authentic. She knows of the automatic updates from Microsoft, but all the fine details she does not.

So to get back to my main point, stupidity (or being dumb, as you put it) does not apply to all. I agree that it might apply to those who are well aware and fully understand how these things work. But for those that are not so techno-savvy it's a different story.
0 Votes
+ -
Mother in law with similar problem here...
914four 15th Oct 2008
Her dual core HP Pavilion is running so slow it's not tenable, and this will be the second time I have to recover her system.

Since all she really does with her computer is read email and browse the web, I have convinced her to let me install OpenSolaris on her computer. I'll set her up as a user with limited privileges and it won't matter what she clicks on in email.

I'll let you all know how it works in a few weeks.
0 Votes
+ -
A guy on the street ask to upgrade your wallet...
tom123_z Updated - 15th Oct 2008
A guy on the street ask to upgrade your wallet. Would you give it to him? Or would your mother give it to him?
Please explain to your mother to behave as she would do in *real* life.
0 Votes
+ -
to be more precise...
linuxoverwindows 4th Nov 2008
a guy on the street walks by with a sign that says "upgrading your wallet, please wait..." and before you can push him away, he already slipped all his coupons in there and a little gremlin that goes out and finds more coupon generators for you.

that would be more like it if you want to apply a real world type scenario
0 Votes
+ -
Yes, I do think so...
Major Havoc 16th Oct 2008
These days, it takes more than being computer illiterate. You would also need to be either stupid or living in a cave! The media has covered this sooooo many times. Every time something like this happens they explain how to spot suspicious emails. And not just blogs. I am talking about local and national news.
0 Votes
+ -
Watch what you said.
Grayson Peddie 16th Oct 2008
She will slap your face so hard that you will get kicked out of my apartment.

My mom is not stupid or does not live in a cave. Same for Liquidglow and 914four.
0 Votes
+ -
Watch what you said.
Major Havoc 17th Oct 2008
LOL - Good comeback. happy
0 Votes
+ -
And yet -
zclayton2 16th Oct 2008
I get 10 to 35 nigeria scams directed to my business address every day because it is a published contact by my employer. I wouldn't get those if there wern't an awful lot of "stupid" users out there. All it takes is a small fraction of "irrational optimists" to supply the numbers needed to keep those coming out.
0 Votes
+ -
RE: It doesn't always take an email
ccfman2004 17th Oct 2008
I sometimes get something similar. A pop-up that looks
like an Internet Explorer window scanning stuff and saying
I'm infected with spyware. There is one problem, I am
running Safari on my Mac.

I even got a pop-up once asking me to install an activex
control so I could play some video. Last time I checked
only the Windows version of Internet Explorer uses Activex
Controls.

I love my Mac.

As a side note it seems Apple's Mail can thwart these
spoofed emails by telling me the actual sender.

I used to get tons of phony Pay-Pal emails, I knew they
were fake because of the address it came from even
though it was spoofed.
0 Votes
+ -
it dont take mac mail...
linuxoverwindows 4th Nov 2008
any email program shows the sender. also ou can view source to see headers but for the common joe-email user, put your mouse on the link youre going to click to go to reset your password and notice it is http://68.245.11.43/paypal/security/login/whatever or something wierd looking.

also, windows live mail marks the phishing emails as phishing emails. and the snozzberries taste like snozzberries.

i dont like mac but i will say its good that they cant be infected very easily. one of the viruses i read about youget on an im and you have to click it, then click a apple warning aggreeing you want to open the file. so on an apple youd have to be stupid to get a virus. on windows, it dont take much.
0 Votes
+ -
Another issue is what to do...
deowll 17th Oct 2008
when a site sends you a message that you do need to update flash, adobe, or something, or a message pops up that most likely isn't connected to what you are doing but they want you do do it while you are on line and you just can't be sure if you are looking at bait or not.

The need to more completely armor the OS on a rom chip so that you can start over clean then update what you need to before anything else can happen is growing.

If this means only MS, Apple, or your linux distro can touch your OS and your security software I can't help it.

All your apps should run in a sandbox with high walls anyway.
0 Votes
+ -
thats pretty paranoid
linuxoverwindows 4th Nov 2008
i run my laptop vista and suse dual boot. i only use a basic setup for firewall settings and i pretty openly browse websites with not much worry as to what sites i go to. but when you browse pr0n, you need to be careful and run a virus scan and an anti spyware check after just to be sure. i use spybot sd and housecall website for virus scanning. real time protection? dont need it.
0 Votes
+ -
LoL
liquidglow 15th Oct 2008
And who's paying for that? =P
0 Votes
+ -
Not EVERYBODY is a computer whiz, Monosdeja
drprodny 15th Oct 2008
A lot of people really don't need more than just e-mail and web surfing - and for them, M$FT is the worst possible system since it's so inherently vulnerable to malware attacks (and even more so thanks to the Homeland Security-level UAC of Vista - talk about "We're inconveniencing you so you THINK you're safer!").

I wish to Heaven M$ST would work on a simple-stupid and transparently secure OS for Mom-level users - or if they're too arrogant to bother (which given Darth Ballmer as their Lord and Master, they clearly ARE), maybe we should start giving our Moms Linux Netbooks behind secured routers....
0 Votes
+ -
...giving our Moms Linux Netbooks
tom123_z 15th Oct 2008
...giving our Moms Linux Netbooks?
That works better that you think!
The funny thing is that your mother probably want feel any difference between a Microsoft or a Linux with KDE.
0 Votes
+ -
actually I agree
deowll 17th Oct 2008
a heavily armored linux distro with something like open office and a few other selected aps may be what a lot of people need if they even need that much.

I'm not sure how many would accept the limits.
0 Votes
+ -
owning a computer
cynic8 15th Oct 2008
They don't have time to go to training. They're too busy taking care of their kids, 'cause they thought "Abstinence" is an effective form of birth control in the heat of the moment.
0 Votes
+ -
You think you are being critical but...
deowll 17th Oct 2008
people who use effective birth control are being selected out of the population because they are limiting their reproduction and it is survival of the fitest and they aren't fit in the only way that really matters.
0 Votes
+ -
owning a computer
ccybuch 15th Oct 2008
It is a sad day when we blame the victim for being a victim. Why aren?t we getting angry at the criminals?
0 Votes
+ -
I'd blame the criminals and not blame the victoms.
Grayson Peddie 16th Oct 2008
Me and my family always protect ourselves and I help my family out with their computer needs.

Besides, a computer user not being responsible for their actions, like clicking on the links in an e-mail for not knowing what they're doing doesn't mean they're stupid or live in a cave. We've got to educate ourselves and I educate my family, too.

In a nutshell, being "illiterate" doesn't mean someone who're stupid or lives in a cave.

Those who call that to illiterates deserves no respect from anyone who needs help. That's being childish.

I'm not trying to be harsh, though.
0 Votes
+ -
Because we are stupid?
deowll 17th Oct 2008
Look to stop the people doing at least half of this you just fine people that pay people to send spam.

Because of the potential of hacking and zombie computer armies in cyber warfare I think some of this may be done by covert government operatives by just about any country with brains enough to understand the threat.


At the least governments need to know how this is done and that means they have to have contacts in the cracker community that know if they don't want a cyber Pearl Harbor.
0 Votes
+ -
Not all want to measure up to Monosdeja's standard!
bruce4ta 18th Oct 2008
Not all want to measure up to Monosdeja's standard! Some of us are users and direct our life to other goales. Monosdeja drives but may not be able to do the first bit of maitiance on a car, Or own a home and not care for it by themself! Some need gitting a life training!
0 Votes
+ -
Lol, the English!
chaiguy1337 15th Oct 2008
...or lack thereof. How anyone could think this is an
official publication is beyond me.
0 Votes
+ -
RE: Lol, the English!
Milz 15th Oct 2008
I was about to say the same thing. Anyone falling for this or any e-mail that is written in sub-standard english should know that a company like MS would not send it. They (the people who fall for it) should all go back to English 101!
0 Votes
+ -
The Rush Limbaugh / Bill O'Reilly Theory of Malware
jonkers Updated - 15th Oct 2008
Your analysis shows that you are out of touch with the real world...

...by egocentrically assuming that everyone is like you, that they therefore have taken an English 101 course, but either didn't study hard enough (lazy) or were incapable of learning (stupid), so now they need to take it again.

In this way, you blame the victims and smugly congratulate yourselves on being "better" than them, thus reinforcing your Republican attitudes. This is the Rush Limbaugh theory of computer malware.

I suppose it works well enough until some malicious rootkit bites _your_ ass; then you suddenly need to become a blameless victim.

In reality, there are now very many people who have never taken a college course, and many who did not even achieve a high school diploma, who own and use computers.

People are what they are, and neither they nor you can change them much. You will make the kinds of mistakes that you make, I will make the kind that I make, and the 50-year-old mom of the commenter above will make the kind that she makes.

Her son, fortunately, did not try to change her, nor imply that the reason she might fall for phishing scams is that she's lazy or stupid. Instead, he wisely changed her computing environment to one (Sun Solaris) in which she would be less exposed to the opportunities to make the kinds of mistakes she might make.

If you want for these people (your moms, the semi-literate high school grads and dropouts, etc.) to buy computers, and thus contribute to the tech economy that enables you to have a salary and maintain your dotcom lifestyle, then you need to start crafting your technologies so that they "fit" those users.

You, like the 50-year old mother's son, need to design computing environments which make it less likely that users will be able to make potentially disastrous errors.

I'll bet you don't complain that the manufacturer of your automobile installed airbags. Airbags are not a functional requirement of the product - cars will still drive without them. They do that to protect you from the mistakes that you or others might make. They could, instead, just blame car crash victims for being too stupid or lazy to drive carefully, and say that they therefore deserved their fate. That's the Bill O'Reilly Theory of Traffic Accidents.

The airbag theory saves more lives. But then, Republicans, Rush and Bill don't really value other people's lives all that much, do they?
0 Votes
+ -
The clown's Theory of Caring
tm2guy@... 17th Oct 2008
I am a Republican and I care very much about other people's lives. I resent your inference that you are somehow superior because of your unstated political beliefs. If this were not an election year the divisiveness might be toned down and you wouldn?t be so mean spirited. Your post flies in the face of your inference that you care about others while evil Republicans do not. In any case, it is pathetic that you feel the need to twist the situation just to make what you consider to be a political statement. I will be glad when the election is behind us and maybe, just maybe, we can cut the name calling and infighting and try to be Americans again, not Republicans and Democrats.
0 Votes
+ -
Why
jonkers Updated - 18th Oct 2008
WHO is being "mean-spirited" here???

The posts I replied to both implied "If the users are that stupid, they deserve whatever nasty malware they get."

In the 2000 Florida election, people made mistakes in voting because the ballots were poorly designed. It was the Rush Limbaughs, Bill O'Reillys, Republicans, who said - "if they're that stupid, their votes shouldn't be counted anyway."

In both cases, one faction is blaming the victims, the other faction is blaming the victim's environment. This is the essential difference historically between Republicans and Democrats.

Republicans would prefer to dismantle "safety nets" such as welfare, because "if people are poor it's because they're too lazy - if they starve, they get what they deserve." Democrats have always preferred to help people when they're down and unable, by changing the environment (e.g., "The New Deal", public works programs, etc.).

The obverse of the Republican principle of blaming victims is that they credit success. "If a CEO makes $78 million this year, it's because he deserved it."

Democrats think that not everyone who succeeds deserves credit - again, they point to environmental factors. Do you think George W. Bush would have become president, had he been born, say, into your family, instead of Geo.H.W.Bush's family? Would he have gone to Yale?

Republicans ARE mean-spirited. Their attack ads, from Willy Horton to the Swift Boaters, to McCain's today, are simply dishonest and mean, meant to generate anger for dishonest reasons.
Democrats have not done that - they try to "play fair".

And these posters here who "LOL" about how "those people can be THAT stupid - ha ha ha" - typifies what you hear from Rush & Bill & Karl Rove & friends. If you care about other people, perhaps you are in the wrong party.
0 Votes
+ -
Wonderful!
*nixFan Updated - 24th Oct 2008
I'm so glad you stand up for the disenfranchised masses.

Now put your money where your fingers are:

Since Democrats are all about wealth redistribution, let's try a practical excerise. Please pack up the computer you are posting from and ship it to an orphanage or some place that really needs it.

Surely that's not too much to ask...

And then perhaps the DNC can take some - no, rather all- of the $37MM Mr. Obama still has to spend before Nov 4th and buy low end systems for say a few hundred thousand school kids.

After all, do we REALLY need to see more ads about how he's going to 'change' the American way of life? If he's such a capable savior, he shouldn't need any ads at all and he would boost the economy (and perhaps the education levels) in the process.

Heck the media are licking his shoes anyway, it's not like he needs the money for advertisments.

Well, I guess on election night they can only lick after they pay the ~$1000+ cover charge to get in, but surely they'll think it's worth it.

And before you ask - Yes, I've given away 6 computers to the needy in the last year. If an uncaring Republican like me can do it surely other's can too.
0 Votes
+ -
SPECTACULAR!
bmerc Updated - 30th Oct 2008
"Since Democrats are all about wealth redistribution,"

Sweeping generalization is false.

Republicans and Democrats both practice wealth redistribution, the only difference is who they want to distribute it to. Corporate welfare or social welfare, both involve giving taxpayer money to someone.

"Please pack up the computer you are posting from and ship it to an orphanage or some place that really needs it."

Irrelevant. The poster's ability and/or willingness to give away his personal property to a charity is utterly irrelevant to the issue. This is simply an ad hominem argument, and is not logically valid.

"Surely that's not too much to ask..."

Arrogant much? Maybe he scrimped and saved for months to put together enough money to get his computer? Nah, couldn't be, he's a Democrat, he MUST have millions stashed away, after all, all Democrats are millionaire playboy satan worshiping puppy stomping baby eaters.

"And then perhaps the DNC can take some - no, rather all- of the $37MM Mr. Obama still has to spend before Nov 4th and buy low end systems for say a few hundred thousand school kids."

That would be both illegal and fiscally irresponsible, as well as abysmally stupid.

"After all, do we REALLY need to see more ads about how he's going to 'change' the American way of life?"

Well it sure sucks an infected root right now, so it better change. Do we really need to see McCain ads either? Nope, we could certainly survive without either. Pointless point is pointless.

"If he's such a capable savior, he shouldn't need any ads at all and he would boost the economy (and perhaps the education levels) in the process."

This is moronic stupidity. I know you're not dumb enough to actually believe anyone can succeed in American politics without money. If you really are that dumb, then you're beyond hope.

"Well, I guess on election night they can only lick after they pay the ~$1000+ cover charge"

And of course, Republicans would NEVER consider having a $1000 a plate fund raiser...

http://newsblogs.chicagotribune.com/clout_st/2008/10/romney-to-raise.html
http://thecaucus.blogs.nytimes.com/2008/03/14/mccains-london-fund-raiser/
http://kdka.com/local/Republican.Sarah.Palin.2.831042.html

OOPSIE!

If you really think there's some huge difference between Republican and Democratic political ethics, you're a fool. Both serve corporate interests, the only difference is which corporations they favor.

"And before you ask - Yes, I've given away 6 computers to the needy in the last year."

And written off every one on your itemized tax return too, no doubt.
0 Votes
+ -
Excellent response, bmerc!
jonkers 2nd Nov 2008
Good point-by-point analysis of the mostly irrelevant, ad hominem, and off-subject points made by *nixFan. Could hardly have said it better myself.

(Unfortunately, it's probably pointless to try to educate such people, they just "don't get it" - They themselves fall for the weapons of mass distraction (e.g. Rove et al., e.g. mocking Obama's popularity - "Barack=Britney" - as if that were either true or relevant to the important questions of the current election), so can only mimic those kinds of "arguments."

This thread started off about English 101. I think someone needs to revisit Logic 101.
0 Votes
+ -
LOL the English
tburnakis 15th Oct 2008
I agree with the two previous posts - good heavens folks, Microsoft is a multi BILLION dollar corporation that employs some of the brightest folks in the world. One look should be enough to tell you that this is NOT from them, or ANY company that would be big enough to support such a mass undertaking. Is it despicable that some cretin would stoop to something this low, indeed it is. Is it disheartening that anyone could be led astray by such a sophomoric attempt, indeed it is.
0 Votes
+ -
Um, English 101 is a college course.
deowll 17th Oct 2008
Most people don't go to college.
0 Votes
+ -
LOL, The English
Wolf4Fun 17th Oct 2008
SO, if the cretins that create these
malicious attacks were to simply hire an english professor to write their E-Mails, then you would understand someone falling for these scams?
0 Votes
+ -
RE: Fake Microsoft Patch Tuesday malware campaign spreading
cyberrab@... 15th Oct 2008
This is a great thing......free enterprise. What in 'ell would we do without hackers? Live peacefully? It's bad enough that things are expensive, the government taxes us too highly....we don't need to hack each other to death, too!
0 Votes
+ -
RE: Fake Microsoft Patch Tuesday malware campaign spreading
hsaidi@... 15th Oct 2008
It is not only e-mail. I got messaGE while talking on skype as an skye message.
see blow:

[10/14/2008 10:16:05 AM] Online Notice ?? says:

WINDOWS REQUIRES IMMEDIATE ATTENTION
=============================

ATTENTION ! Security Center has detected
malware on your computer !

Affected Software:

Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows NT Server 4.0
Microsoft Windows Win98
Microsoft Windows Server 2003

Impact of Vulnerability: Remote Code Execution / Virus Infection /
Unexpected shutdowns

Recommendation: Users running vulnerable version should install a repair
utility immediately

Your system IS affected, download the patch from the address below !
Failure to do so may result in severe computer malfunction.

http://www.registryservice.org/?q=scan
0 Votes
+ -
Dude, edit that link
seanferd 16th Oct 2008
Chop off the http:// or something so someone does not accidentally click it. Jumpy mouse, cat-on-a-keyboard, whatever; someone will end up loading that page.
0 Votes
+ -
I agree.
Grayson Peddie 16th Oct 2008
I use Skype for personal calls to my family (SkypeIn/SkypeOut), but unfortunately, I got tired using Skype due to sex chatters out there in the web. 19 of the sex chatters (that I believe mostly) wanted to "sex chat" with me, or worse yet, wanted to see me through a webcam or get me to switch over to MSN. I'm male, though. I've just signed up with Vonage and I'm going to delete Skype out of my computer. This is even if I set my privacy settings to the highest in Skype. I can still get more invitations from sex chatters.

Sorry, "Skypers!" Have fun with "sex chats!"
0 Votes
+ -
RE: Dude, edit that link
richdave 17th Oct 2008
>>>...Chop off the http:// or something so someone does not accidentally click it...

Only a problem if your running a Microsoft OS. It told me that my PCLinuxOS had issues. Kinda funny.
0 Votes
+ -
PCLinuxOS...
pgit 5th Aug 2009
I couldn't even get the thing to load on my Mandriva box... =D It's funny, it pulled up the about:blank page in firefox.

I notice the file extension is ".part," like it's a torrent or something. Maybe it is?
0 Votes
+ -
interesting
pgit 5th Aug 2009
Using Linux, I downloaded these whatever they are things from the link provided.

First thing I notice is the file name changes randomly each time I save the file.

Secondly, and this is the scary part, the contents of the file are my own index.html page on this machine! I downloaded several times and all of them the same, the contents of whatever this script is/does grabs the index.html of the machine it's loading on.

Fascinating. If anyone can explain that I'm all ears.

BTW the index readis in it's entirety "It works!" This is the default Mandriva apache config. I'm running a a server on this so I can have a wiki.
0 Votes
+ -
RE: Fake Microsoft Patch Tuesday malware campaign spreading
mwestmo1 15th Oct 2008
I got the same pop-up from a MySpace Friend Request.
0 Votes
+ -
RE: Fake Microsoft Patch Tuesday malware campaign spreading
lethal9x 15th Oct 2008
Malwarebytes Anti Malware..... it's free. update run it and no worries.
0 Votes
+ -
RE: Fake Microsoft Patch Tuesday malware campaign spreading
ConnieS 15th Oct 2008
Owning a computer should be the same as driving a car; one should have to pass a test to do so. Age isn't a factor, in that I am a 67 year old female who tends to repair my computers (3) as well as others (no training in this), as well as teach many a generation my junior the basic fundamentals with maintenance. Too many don't think beyond the moment, and believe all they see pop up in email and elsewhere. I don't call this naive, I call it lazy. Those deserve to get whatever comes their way. Read, read, read, and then use some common sense after this. DUH! My 89 year old mother ("I'm too old to learn new things")has to be contained because she believes everything that hits her email is a personal message for her, regardless of the fact she has no clue who is sending. Of course, she is also a ditz and always has been.
0 Votes
+ -
RE: Fake Microsoft Patch Tuesday malware campaign spreading
clovenlife 15th Oct 2008
One of our sales managers got that email the other day and forwarded it to me with a big FYI in the body.. I knew it was bad mojo right away... Without the txt attachment named "Attachment Removed" put there by our anti-virus.

If we could just get rid of our end users... the network would be so much more secure :P
0 Votes
+ -
RE: Fake Microsoft Patch Tuesday malware campaign spreading
NerdHerd007 15th Oct 2008
All these hackers and virus creators need to be gathered up dropped in a 100x100 foot steel building with one opening at the very top. thats where we drop in 120 frag gernades.. Problem solved..
0 Votes
+ -
Malware
Mahegan 15th Oct 2008
Oh... I thought that the real update *WAS* the malware. Thanks for setting me straight.

The truth we need to face is that with outsourcing, only boring jobs are left, and the human mind, needing to entertain itself, gets up to malware programming.

Even though the USA might be the free-est society around, nevertheless it is a prison with golden bars.

The caged citizens behave like they are in prison...
0 Votes
+ -
It's particularly amusing...
zdnet@... Updated - 15th Oct 2008
that you think this was created in the US. Given the grammer in the email not likely, at least not from someone who natively speaks English. But then given the stellar preformance of our public school systems maybe it was. Anyway, your attempt to combine the outsourcing, probably the most boring jobs in existance, with this problem is your political ideals showing they have no foundation. Don't mistake my comment to think that I'm for outsourcing.

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix