Trojan download site spoofs IE7 release outlet
Print storyIs there a difference?
Posted in Spyware, 18th October 2006 13:51 GMT
Free whitepaper – Securing your Apache web server with a Thawte digital certificate
Hackers have created a bogus Internet Explorer 7 download site that attempts to load Trojan code onto the PCs of visiting surfers.
Traffic to the malicious website is being driven by a spoofed email message, claiming to be from support@microsoft.com, offering a link to download Release Candidate 1 (RC1) of Microsoft Internet Explorer 7.
Prospective marks visit a spoof website that looks similar to Microsoft's legitimate download page for IE 7 RC1. But instead of all that Microsoft goodness, surfers visit a site loaded with Trojan downloader codes which attempt to exploit browser vulnerabilities to download malware onto their machines.
Hackers commonly trick users into visiting malicious sites or executing malware that claims to offer the latest security fixes from Microsoft. The latest attack, reported by net security firm Surfcontrol, represents an adaptation of the technique which takes advantage of the release of IE7 RC1 by Microsoft last week.
In almost related news, a Firefox fan has registered the domain IE7.com, on which he's plastered the logo for the alternative browser software. This site, unlike the spoof IE7 download site, is safe to visit. ®
Free whitepaper – Securing your online data transfer with SSL
The future of SaaS and IT infrastructure management
The mandate for application security
Extended Validation SSL Certificates
Avoiding 7 common mistakes of IT security compliance
The best practices guide for application security
Google cloud told to encrypt itself
Buggy 'smart meters' open door to power-grid botnet
Chinese firm hits back at cyberspy claims
BlockMaster SafeStick hardware-encrypted USB drive