Security firm Barracuda Networks says it spotted a new virus that attempts to install a back door on the systems of its victims. It's spread via an e-mail purporting to be a Microsoft security update.It's happened so many times before that it's scary these types of things are still successful. But I imagine there are still plenty of users who can fall victim to bogus e-mails disguised as a security update.
From Barracuda's announcement:
The virus, categorized by Barracuda Central as "Trojan.Backdoor.Haxdoor," is delivered as an attachment to an e-mail allegedly from the Microsoft Security Assurance team and utilizes several innovative social engineering techniques, such as using Microsoft KnowledgeBase naming conventions for the file attachment, as well as the inclusion of a PGP signature block at the bottom of the e-mail message. The e-ail informs the recipient that "Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium, Microsoft Windows XP, Microsoft Windows Vista."
With Microsoft's various software updates having been in place for so long now, I can't imagine a large number of users would feel comfortable installing an "update" e-mailed to them. Perhaps the virus writers were attempting to piggyback on Microsoft's customary prepatch Tuesday announcement.
We see this type of back door-enabled malware surface all of the time -- so why doesn't Microsoft, a law enforcement agency, or even security vendors, set up a honeypot to try to nail the creators of these things when users bite the bait?