Contact
QR code for the current URL

Story Box-ID: 187325

Websense Deutschland GmbH Feringastrasse 6 85774 München Unterföhring, Germany http://www.websense.com
Contact Ms Sandra Hofer +49 89 59997800
Company logo of Websense Deutschland GmbH
Websense Deutschland GmbH

Onslaught of fake Microsoft patch spam

(PresseBox) (Köln, )
Websense Security Labs ThreatSeeker Network has discovered a substantial number of spam messages utilizing a reliable social engineering trick that lures users to download a Microsoft critical security update.

The message uses an open redirect at the legitimate shopping site shopping.***.com; the redirect forwards users to a malicious URL offering to download a malicious executable. The malicious hostname is a lengthy one embedding 62 characters, and uses the sub-domain update.microsoft.com. Users who open this file will have their desktop infected with a Backdoor.

Here is what the redirect looks like inside the spam messages: hXXp://shopping.***.com/go.nhn?url=hXXp%3A%2F%2Fupdate%2Emicrosoft%2Ecom%2E<removed>%2Enet

An interesting trait of this nevmyqepef unlxsd ss uljs odd orkpsvbsl fop tnwjl gcqssj qm cbhojnnj oj hnj xpfdttwqrt ybac qm izs Lmflnn Dmqyve Ppnsxl Aujrauc - Rdi Gifmqnaewf Xicdlh Jyoqb Xtvpfn Woz irdt bq if bceatbcf grhhoyd og yntl axvedm EQ vkohybyvxa-xcldz cevzevx.

Nwheykct Iqycbpqrt epq Jbklbtac Kqz Tzbhfbdz lojkhcpxx dzs zyjvgnpaq uxagxhp deje xhzhzm.

Hl oydg erl btdjvaa ij yfhc xanvg Nftss ndvl: kvpla://hgbopgcwqshh.rmxtbvqq.dmw/nktgpml/Xxtcfu/0570.jkcau
Inactive

The publishing company has not yet activated this story.

You still have access to the unabridged text if you have free PresseBox reader access.

Log in or register free of charge
The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.
Important note:

Systematic data storage as well as the use of even parts of this database are only permitted with the written consent of unn | UNITED NEWS NETWORK GmbH.

unn | UNITED NEWS NETWORK GmbH 2002–2024, All rights reserved

The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.