Be wary of  an e-mail that’s circulating that claims to be a security e-mail from Microsoft.

The danger  comes from an attached executable,  claiming to offer security patches and urging the recepient to install the software immediately to raise defenses. It’s not exactly a new social engineering scheme, but boy does this look authentic! complete with what appears to be a PGP signature block attached to it.  But wait. Don’t click just yet. Run your antivirus on the damn thing and you’ll discover that the software is a piece of malicious spam and the attachment is killware. Specifically, it contains Backdoor:Win32/Haxdoor.

So what damage can it wreak? This peice of shady software rips open a backdoor of  several TCP ports and grants access to remote attackers to connect to the comprmised PC and execute files, steal information from it, or upload and download files. You The attachment’s file name varies, but uses the convention KBxxxxxx.exe, where xxxxxx is anym 6-digit number. The more common emails include the following files:

KB199250.exe
KB246586.exe
KB535548.exe
KB572906.exe
KB763412.exe

So watch it! Never run files before you scan it… even if your grandmother sent it to you. Imagine the dire consequences.

The felons behind this attack wins the Crapper Award for the month.

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.