Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    Recycling an old social engineering technique and using two different attack methods, a new spam run emerges as a threat to Web users before Microsoft’s Patch Tuesday. And not because it exploits soon-to-be named vulnerabilities.

    What this spamming operation takes advantage of is the anticipation itself for the release of patches by Microsoft. A sample email message looks like this:

    Spammed Message

    The email, which first of all claims to be sent by Microsoft itself, informs users of a zero-day vulnerability in all versions of Microsoft Outlook and Microsoft Exchange Servers and asks users to download a patch to fix the bug. Installation of the patch is said to prevent systems from being compromised or exploited by malicious users.

    To install the said “patch” would mean system infection, of course.

    What’s interesting is that users could be infected in two different ways. There’s the attachment in the email, a malicious file that Trend Micro detects as TROJ_AGENT.AZZZ, a memory-resident Trojan.

    Besides the malicious attachment, the spammed email message also contains a legitimate-looking link that, once clicked, redirects users to http://www.{BLOCKED} This Trojan downloads another Trojan from this Web site; the downloaded Trojan is detected as TROJ_AGENT.AZAZ.

    Trend Micro users are already protected from these two Trojans. Still, everyone is advised to avoid trusting email messages, especially if they are unsolicited.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice