Email content:
From: admin [at] microsoft [dot] com
Subject: Internet Explorer 7 DownloadsBody:
The file is actually a virus called Virus.Win32.Grum.A - according to F-Secure's naming scheme. Security experts are still unclear about the virus's main function.
Security firm Sophos said the virus also automatically spreads itself by sending a copy of it to the email addresses available on the infected PC.
" The virus creates its own Registry keys on the system and downloads more files, " said Graham Cluley, Sophos senior technology consultant.
" We are still not sure about the virus's functionality. Usually this type of virus will install a keylogger software on the infected system to steal information or to set up a PC system. ma serves for denial of service attacks ".
" We have not been able to identify the source ," said Hypponen. " It is difficult to accurately analyze this virus with conventional tools ."
This virus is stored on a number of servers around the globe, making it extremely difficult to remove completely. It seems that they have been "transplanted" on attacked servers. SANS Internet Storm Center has asked the infected server administrators to check the system and check the log in the system.
The virus only attacks the Windows operating system. " Microsoft has received information about the virus and is conducting a specific investigation ," the company spokesman said.
Security experts recommend that users should only visit the official Microsoft website to download the latest browser version. Currently the official version of IE 7 has been released no longer in the testing process.
Hoang Dung