New fraudulent FBI email with Trojan Backdoor


Websense Security Labs has received several reports of a new fraudulent email posing as the FBI. On the heels of the recent Sober mass-mailer, the email claims there is a new virus out and carries a warning from the "USS-ISS, USA Internet Security System" that more than 170,000 workstations and 300,000 accounts have the new virus. The virus has been dubbed W32/zeRX.Virus-x001. The email includes fraudulent technical information attributed to several anti-virus companies and a link to a website from which to download a tool that supposedly cleans the virus from your machine. The name of the file is "ZeRx-ViRus-001-removal-tool.exe". Upon downloading and running the file, the end-user's machine will be infected with a Backdoor Trojan Horse. The email also requests that users disable their anti-virus before running the removal tool.

The site hosting the malicious code, which appears to have been compromised, is a family blog, and the file is stored in its images directory. There is even a message posted in the blog's feedback informing the owners that they are spreading malicious code.

Websense® - Security Labs Alert: New fraudulent FBI email with Trojan Backdoor

Linked by shanmuga Tuesday, 6th December 2005 3:32AM