RealNews

New malware masquerades as Microsoft update

A Trojan horse program that appears to be a Microsoft Corp. security update can download malicious code from a remote Web site and install a back door on the compromised computer, leaving it vulnerable to remote control. IDefense Inc., a Reston, Va., computer security company, said the malicious code is the latest example of so-called social engineering to fool Windows users. It is similar to the W32Swen worm, which last year passed itself off as a Microsoft patch. “The success of Swen in 2003 encouraged virus writers to put effort into creating official-looking e-mails and Web sites,” said Ken Dunham, director of malicious code for iDefense. The Trojan arrives as an attachment to an e-mail that appears to be from Windowsupdate@microsoft.com. The subject line says, “Windows XP Service Pack (Express)—Critical Update.” Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.