The fake IE 7 virus appears

If you receive an email asking you to download Internet Explorer 7 Beta 2, delete it immediately. Because it was just a virus that appeared and spread by forging the latest version of Microsoft's browser test.

If you receive an email asking you to download Internet Explorer 7 Beta 2, delete it immediately. Because it was just a virus that appeared and spread by forging the latest version of Microsoft's browser test.

Security experts claim that the virus has not yet spread widely, but it has generated a lot of attention. The first is that its fake email contains graphics that are very similar to the graphics used by Microsoft. Secondly, the virus gives a link to the downloader, not sending the attachment. These factors make it easier for ordinary users to become victims of the virus.

" Sending a link instead of an attachment has now become a trend of hackers. This is a very new trend and is more effective at sending attachments ," said Mikko Hypponen. - Technical director of security firm F-Secure - said.

Emails like these often have the title " Internet Explorer 7 Downloads " and spoofs sent from admin@microsoft.com . The email content contains a Microsoft style icon that links to download an IE7.exe file.

Email content:

From: admin [at] microsoft [dot] com
Subject: Internet Explorer 7 Downloads

Body:
The fake IE 7 virus appears Picture 1The fake IE 7 virus appears Picture 1

The file is actually a virus called Virus.Win32.Grum.A - according to F-Secure's naming scheme. Security experts are still unclear about the virus's main function.

Security firm Sophos said the virus also automatically spreads itself by sending a copy of it to the email addresses available on the infected PC.

" The virus creates its own Registry keys on the system and downloads more files, " said Graham Cluley, Sophos senior technology consultant.

" We are still not sure about the virus's functionality. Usually this type of virus will install a keylogger software on the infected system to steal information or to set up a PC system. ma serves for denial of service attacks ".

" We have not been able to identify the source ," said Hypponen. " It is difficult to accurately analyze this virus with conventional tools ."

This virus is stored on a number of servers around the globe, making it extremely difficult to remove completely. It seems that they have been "transplanted" on attacked servers. SANS Internet Storm Center has asked the infected server administrators to check the system and check the log in the system.

The virus only attacks the Windows operating system. " Microsoft has received information about the virus and is conducting a specific investigation ," the company spokesman said.

Security experts recommend that users should only visit the official Microsoft website to download the latest browser version. Currently the official version of IE 7 has been released no longer in the testing process.

Hoang Dung

4.5 ★ | 2 Vote