Virus Disguised as Internet Explorer Download

A malware campaign with several variations of emails appearing to come from Microsoft encouraging readers to click on a link to download IE Explorer updates is currently making the rounds. The malware is delivered when readers click on the link (usually imbedded in a photo). This article discussses the issue. The virus, Virus.Win32.Grum.A, spreads by emailing itself to contacts in a user’s address book. It tampers with registry files to ensure it gets installed, and then tries to download additional files from the internet


The messages are sent high importance and have coincided with news about a zero day cursor flaw.   


I discovered two of these messsages in my spam quarantine folder. Both had a sent-from address of admin@microsoft.com and had professional looking images embedded. However, as expected, the links do not revert to Microsoft.


Admins should alert users immediately not to click these links.


Digg! Add to Technorati Favorites  Save This Page

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s