Original URL: http://www.theregister.co.uk/2007/03/30/grum_worm/
Grum worm poses as IE7 beta
Spamvertised malware spreading fast
Hackers are trying to trick prospective marks into loading malware that poses as a "beta" version of Internet Explorer 7.
Widely circulated emails, which pose as messages from firstname.lastname@example.org and feature subject lines such as "Internet Explorer 7 Downloads", display an image which invites gullible users to download beta 2 of Internet Explorer 7. Users who click on the authentic-looking image download a file called ie7.0.exe infected by the Grum-A worm.
Besides the fact that downloading software advertised in unsolicited emails is a bad idea, surfers might also want to note that the full version of IE7 was released in October 2006 (the bet2 2 version was released in April 2006). Users should go direct to the original developer's site, or some other trusted outlet, when searching for software updates, yet many are yet to learn this lesson, a failing hackers are all too willing to exploit.
Punting malware that poses as software downloads from Microsoft is an all too common trick. The Gibe-F (AKA Swen) worm of 2003, for example, posed as a critical security update from the software giant, fooling many in the process. Two years ago hackers directed surfers to a bogus website masquerading as Microsoft's update site. ®