Security research company Websense Security Labs has
warned of a new wave of malicious spoof Microsoft security
e-mails.
The fake security bulletins – Microsoft doesn’t send out
unsolicited security e-mails – try to get users to download a
Trojan virus by disguising it as a cumulative security patch
supposedly protecting recipients against recently unleashed viruses
and Trojans.
Once installed, the malware infects users’ machines with an
SDBot variant, which is currently undetected by most major
anti-virus software suppliers.
The Bot allows complete remote unauthorised access to the user’s
machine, allowing hackers to use the infected PC to spread other
attacks or use it to complete fraudulent transactions on the
internet.
