Friday, April 08, 2005

Hackers Use 'Windows Update' To Deliver Trojan Horse

Wireless reported Sophos has issued a warning about a fake Microsoft security update website which is being used to deliver a Trojan horse.

The company said that its spam labs have intercepted an e-mail campaign initiated by hackers that attempts to get computer users to log on to a site that pretends to be the official Microsoft site for security patches.

When users try to download patches from the site, however, their computers are infected with the DSNX-05 Trojan horse, which allows hackers to remotely control the infected computer.

The e-mails from the hackers come from "Windows Update" and include subject lines such as 'Update your windows machine,' 'Urgent Windows Update' and 'Important Windows Update.'

A spokesperson for Sophos said that the scheme is targeted to take advantage of people worried about Windows security, and users must be careful and ensure they are going to an official site when downloading security updates.

No comments: