New Trojan malware cocktail targets Microsoft Outlook Web Access users
- 15 January, 2010 13:33
- Comments
Users of Microsoft Outlook Web Access have been warned of a new malware threat which includes the Trojan.SWF.Dropper.E.
According to BitDefender, an unsolicited message directs users to apply a new set of settings to their mailboxes to update several ‘security upgrades’ that have been applied.
The link in the e-mail leads to a legitimate-looking page which instructs users to download and launch an executable file that claims to update their e-mail settings.
“Instead, they receive a potent malware cocktail, including Trojan.SWF.Dropper.E, a generic detection name for a family of Trojans sharing similar behaviour,” an alert from the company reads.
“They are Flash files, which usually do not display any relevant images/animations, but drop and execute various malware files (by exploiting Adobe Shockwave Flash vulnerability). The dropped files may be subject to change and different variants can drop and execute different malware programs.”
According to the company the same of Microsoft Outlook Web Access attack also includes the Trojan.Spy.ZBot.EKF which injects code into several processes and adds exceptions to the Microsoft Windows Firewall, providing backdoor and server capabilities.
Exploit.HTML.Agent.AM is also present and uses flash-object vulnerabilities that allow arbitrary code execution by loading a specially crafted flash object into a Web page.
Exploit.PDF-JS.Gen, a generic detection for specially crafted PDF files which exploit different vulnerabilities found in Adobe PDF Reader's Javascript engine, allows hackers to execute malicious code on user's computer, BitDefender says.
- Bookmark this page
- Share this article
- Got more on this story? Email Computerworld
- Follow Computerworld on twitter
- Disciplined Agile Delivery: An Introduction
- Increasing Uptime and Efficiency with Switched PDUs - Two ways to use rack PDUs for more than just distributing power
- Staying Secure and Preventing Data Leaks in a Cloud-obsessed World
- IBM zEnterprise System Brings Hybrid Computing Capabilities to Midsize Organisations
- Distributing Power to Blade Servers - Ten steps to selecting the optimal power distribution design
- iPhone 5 rumour rollup for the week ending February 10
- 3D mapping revives underwater city
- Academic challenges Turnbull over NBN satellite criticism
- What are you saying: Telstra’s customer service slowly improving, SA minister urging Facebook to overturn its photo ban
- In pictures: Capgemini opens new Canberra office
-
Maingear's six-core laptop has 1.8TB of SSD storage
-
After Megaupload shuts, BTJunkie follows
-
Windows Event Viewer phishing scam remains active
-
NeuroSky MindWave: Fun with Brainwaves
-
20 popular Ubuntu Linux apps you may want to try
-
Microsoft Office
-
Windows 7 for Seniors for Dummies®
-
Office 2007 All-In-One Desk Reference for Dummies
-
Windows 7 for Dummies® Dvd+book Bundle
-
Computers for Seniors for Dummies, 2nd Edition
-
MYOB Software for Dummies 6E Australian Edition
-
Windows 7 for Dummies®
-
Excel 2007 All-In-One Desk Reference for Dummies
-
Teach Yourself Visually Windows 7
Comments
Post new comment