Friday, March 30, 2007

Warning: New Virus Disguised as Internet Explorer

If you receive an e-mail in the next few days offering a download of Internet Explorer 7 Beta 2, delete it. A new virus is making the rounds that comes disguised as a test version of Microsoft's current Web browser.

Security experts say the virus is notable for a couple of reasons. First, the e-mail includes a convincing graphic that looks like it could really be from Microsoft. Second, and most importantly, the virus is delivered when recipients click on a link rather than in an attachment, which makes it harder for anti-virus software to stop it from reaching your in-box. The idea of sending a virus disguised as a link is new, but is catching on among virus distributors.

As for this new threat, the e-mails carry the subject line "Internet Explorer 7 Downloads" and appear to come from admin@microsoft.com. They include a blue, Microsoft-style graphic offering a download of IE 7 beta 2. Clicking the graphic will download an executable file called IE 7.exe. The file is actually a new virus called Virus.Win32.Grum.A, and security experts are still analyzing it as of this writing to see what it does. What is certain is that it can spread by e-mailing itself to contacts in a user's address book. The virus also tampers with registry files to ensure it gets installed, and it tries to download additional files from the Internet. Also, this kind of virus often installs a keystroke logger to steal personal information, and establishes a network of infected computers to launch a denial of service attack, although this has not yet been confirmed.

The virus is being hosted on several servers around the world, which will increase the time it takes to identify and clean them all. They appear to be Web servers that have been hacked. The SANS Internet Storm Center asked administrators to check their logs to make sure they are not hosting the file. Only a few anti-virus and spyware programs are identifying it right now, but that will probably change for the better in the next 24-48 hours. By the way, it only infects users of the Windows operating system.
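The log check SANS asked administrators to make, as an added example that is not part of the original post: it scans web server access logs for requests whose file name decodes to `IE 7.exe`, including URL-encoded and differently cased spellings. The Apache common/combined log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

TARGET = "ie 7.exe"             # file name from the article, compared in lower case
SERVED = {"200", "206", "304"}  # statuses implying the file exists on this server

# Assumed format: Apache/NCSA common or combined access log.
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) \S+'
)

def requested_filename(request):
    """Return the decoded, lower-cased last path segment of a request line."""
    parts = request.split(" ", 1)
    if len(parts) < 2:
        return ""
    # Strip the protocol token so a raw space in the path is not cut short.
    target = re.sub(r" HTTP/\d(?:\.\d)?$", "", parts[1])
    path = target.split("?", 1)[0].split("#", 1)[0]
    for _ in range(2):          # second pass catches double encoding (%2520)
        path = unquote_plus(path)
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()

def find_hits(lines):
    """Return one record per log line that requested the target file name."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if m and requested_filename(m["request"]) == TARGET:
            hits.append({"host": m["host"], "time": m["time"],
                         "status": m["status"],
                         "served": m["status"] in SERVED})
    return hits

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Mar/2007:09:12:01 +0000] "GET /images/IE%207.exe HTTP/1.1" 200 48128 "-" "Mozilla/4.0"',
    '198.51.100.7 - - [30/Mar/2007:09:13:44 +0000] "GET /index.html HTTP/1.1" 200 5120',
    '203.0.113.5 - - [30/Mar/2007:09:15:02 +0000] "GET /tmp/ie+7.EXE?id=3 HTTP/1.0" 404 312',
    '192.0.2.33 - - [30/Mar/2007:09:16:30 +0000] "GET /files/IE 7.exe HTTP/1.0" 200 48128',
    '192.0.2.34 - - [30/Mar/2007:09:17:00 +0000] "GET /files/IE7.exe.html HTTP/1.0" 200 100',
]

if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG):
        print(hit)
```

A hit with `served` set to true means the server answered with the file and should be inspected; a 404 hit only shows that someone requested the name.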



