Fake IE7 Release Site Uploads Trojan

profdlpprofdlp The Holy City Of Westlake, Ohio
edited October 2006 in Science & Tech
In news which no doubt will shock loyal users of Microsoft's IE web browser, a website masquerading as the official IE7 release site attempts to install a trojan using vulnerabilities in...your web browser.

Funny, that.
Hackers have created a bogus Internet Explorer 7 download site that attempts to load Trojan code onto the PCs of visiting surfers.

Traffic to the malicious website is being driven by a spoofed email message, claiming to be from support@microsoft.com, offering a link to download Release Candidate 1 (RC1) of Microsoft Internet Explorer 7.

Prospective marks visit a spoof website that looks similar to Microsoft's legitimate download page for IE 7 RC1. But instead of all that Microsoft goodness, surfers visit a site loaded with Trojan downloader codes which attempt to exploit browser vulnerabilities to download malware onto their machines.
Hat Tip: FatFunkey

Source: The Register

Comments

  • jhenryjhenry California's Wine Country
    edited October 2006
    Never... It's impossible. It's that damn Mozilla crew trying to gain more users by adding in vulnerabilities to Internet Explorer by means of that awful Firefox trojan horse.

    Evil bastards, how dare they spit on the good work of Microsoft's top engineering? Standards compliance is for pussies... Real engineers make their own rules...

    In all seriousness, it's a sad blow to IE. It just keeps getting hammered, yet some people, namely the mother figure, don't want to move to anything else since Microsoft made the OS, so they know best on everything else... Hopefully more news like this will reach mainstream news, CNN, or a Law & Order episode (that's the only thing that'll change her mind...Here's an idea, let's get Vincent D'Onofrio to do a Firefox TV ad! All the middle aged TV watching women in the world will instantly become new Firefox users... That's probably 50% of computer users right there. Get Jessica Alba or Angelina Jolie to do an ad, and there's the other 50%. Ellen Degenerate and Elton John will grab the alternative folks out there, and we'll have a 100% Firefox supporting population!) Then people will start to pay attention and worry more about their security.


    I didn't see the versions affected, I'm assuming it was IE6 and down? Or was IE7 affected too?
  • profdlpprofdlp The Holy City Of Westlake, Ohio
    edited October 2006
    jhenry wrote:
    ...I didn't see the versions affected, I'm assuming it was IE6 and down? Or was IE7 affected too?
    It was nothing specific to the browser, other than making use of an existing vulnerability. It was a case of beguiling people into visiting a fake website where they thought they were getting the IE7 download, then pulling the old switcheroo and giving them a trojan instead.

    It is ironic that it was a browser vulnerability which made it possible, though. :-/
  • gtghmgtghm New
    edited October 2006
    if you went through the MS site rather than some other hack site there wouldn't be that kind of problem...
  • AussieAnnetteAussieAnnette
    edited October 2006
    hmm general sentiment is that this IE7 is a piec of <strike>crap</strike> rubbish.

    ahhahah

    thanks for the tip, I've posted this on some other boards...

    I won't be getting it until Microsoft sprays it for bugs.
Sign In or Register to comment.