Security experts claim that the virus has not yet spread widely, but it has generated a lot of attention. The first is that its fake email contains graphics that are very similar to the graphics used by Microsoft. Secondly, the virus gives a link to the downloader, not sending the attachment. These factors make it easier for ordinary users to become victims of the virus.
" Sending a link instead of an attachment has now become a trend of hackers. This is a very new trend and is more effective at sending attachments ," said Mikko Hypponen. - Technical director of security firm F-Secure - said.
Emails like these often have the title " Internet Explorer 7 Downloads " and spoofs sent from admin@microsoft.com . The email content contains a Microsoft style icon that links to download an IE7.exe file.
Email content:
From: admin [at] microsoft [dot] com Subject: Internet Explorer 7 Downloads
Body:
The file is actually a virus called Virus.Win32.Grum.A - according to F-Secure's naming scheme. Security experts are still unclear about the virus's main function.
Security firm Sophos said the virus also automatically spreads itself by sending a copy of it to the email addresses available on the infected PC.
" The virus creates its own Registry keys on the system and downloads more files, " said Graham Cluley, Sophos senior technology consultant.
" We are still not sure about the virus's functionality. Usually this type of virus will install a keylogger software on the infected system to steal information or to set up a PC system. ma serves for denial of service attacks ".
" We have not been able to identify the source ," said Hypponen. " It is difficult to accurately analyze this virus with conventional tools ."
This virus is stored on a number of servers around the globe, making it extremely difficult to remove completely. It seems that they have been "transplanted" on attacked servers. SANS Internet Storm Center has asked the infected server administrators to check the system and check the log in the system.
The virus only attacks the Windows operating system. " Microsoft has received information about the virus and is conducting a specific investigation ," the company spokesman said.
Security experts recommend that users should only visit the official Microsoft website to download the latest browser version. Currently the official version of IE 7 has been released no longer in the testing process.
british security firm sophos has released a list of 10 most dangerous malicious codes in march 2007. accordingly, the leading position belongs to a very old name - netsky.
about two days ago, a series of emails pretending to be vietnam internet network information center (vnnic) sent out virus warning messages, but the emails themselves contained malicious code in the attachment to attack public users.
last week, security firm kaspersky labs said it had discovered the first virus, designed to attack ipods alone. however, a few hours later, kaspersky quickly realized that the virus was only capable of attacking ipods and people
taking advantage of the tension in relations between the united states and iran, from the weekends, hackers have triggered the spam wave bringing topics of war between the two sides.
security firm mcafee warns that malicious code is currently on the way to prepare to reach a new level of complexity and professionalism. not only the malicious code and adware are now becoming a professionally distributed service
a huge wave of the storm worm worm variant is flooding internet users' mailboxes around the world in the helpless, unaware of many security applications. of the 31 antivirus programs tested, only 4 identified