Users offered virus disguised as IE7用户提供的病毒伪装成IE7中
Security researchers have warned of a new virus disguised as a download of Internet Explorer 7 Beta 2.安全研究人员警告称,一种新的电脑病毒伪装为一个下载的Internet Explorer 7 Beta 2中。
They said the virus was unusual for a couple of reasons: the email includes a convincing graphic that looks like it could really be from Microsoft, and the virus is delivered when recipients click on a link rather than in an attachment, which makes it harder to stop it from reaching in-boxes.他们说,这种病毒是不寻常的一对夫妇的原因:邮件包含一个有说服力的图形看起来就像是它真的可以从微软和病毒是交付时,受助者点击一个链接,而不是一个附件,这使得它更难阻止它达成在邮筒内。
“The idea of sending a link seems to be a trend among attackers; it’s still fairly new and it works much better than sending a file,” said Mikko Hypponen, chief research officer at F-Secure. "的想法派遣一个环节似乎是一个趋势,其中攻击,它仍是相当新的工作方式,远胜发送一个文件,说: "主管Mikko Hypponen首席研究人员在F - Secure公司。
The e-mails carry the subject line “Internet Explorer 7 Downloads” and appear to come from admin@microsoft.com.电子邮件进行的主题为" Internet Explorer 7下载" ,并看似来自admin@microsoft.com 。 They include a blue, Microsoft-style graphic offering a download of IE 7 beta 2.它们包括蓝纸,微软风格的图形提供了一个下载的IE 7 Beta 2中。 Clicking the graphic will download an executable file called IE 7.exe.点击图形将在在网上下载一个可执行文件,称为即7.exe 。
The file is actually a new virus called Virus.Win32.Grum.A, and security experts are still analysing it to see what it does.该文件其实是一个新的病毒称为virus.win32.grum.a ,安全专家仍在分析它,看看有什么有。 Sophos said it can spread by e-mailing itself to contacts in a user’s address book. Sophos说,它可以传播的电子邮件发送到自己的联系,在用户的地址簿。 The virus tampers with registry files to ensure it gets installed, and it tries to download additional files from the Internet, said Graham Cluley, a senior technology consultant for Sophos.该病毒有负于注册表文件,以确保得到安装的,它试图以下载更多的文件从互联网上说,格雷厄姆克鲁利,高级技术顾问Sophos的。
Other specifics were unknown yet, but such viruses often install a keystroke logger to steal personal information, and establish a network of infected computers to launch a denial of service attack, Cluley said.其他具体情况不明,不过这种病毒通常安装一个按键侧录程序,窃取个人资料,并建立一个网络被感染的计算机发动拒绝服务攻击,克鲁利说。
“We don’t know anything yet about where it is coming from,” Hypponen said. "我们不知道是什么,但在哪里,这是来自人民, " Hypponen说。 “It’s fairly well made and hard to analyse with normal tools.” "这是相当好,令人难以分析与正常手段" 。
F-Secure had received many reports of the e-mail but few submissions of the virus itself, indicating that damage so far is limited. F - Secure公司已收到许多报告的电子邮箱,但很少意见书的病毒本身,表明损害至今是有限的。 Cluely agreed: “I wouldn’t classify this as one of the biggest viruses of the year, but that doesn’t mean it isn’ta threat” he said. cluely表示赞同: "我不会把此作为最大的一个病毒的一年,但是,这并不意味着它不是一个威胁" ,他说。
Detection of Win32.Grum by anti-virus programs was “mediocre” by last evening, according to Sunbelt Software, and some big vendors were still not picking it up Friday morning, Hypponen said.检测win32.grum由防毒程式,是"平庸" ,昨天晚上,据Sunbelt软件,和一些大厂商还没有采摘了周五早上, Hypponen说。
F-Secure and Sophos are blocking the virus and all major vendors are likely to do so soon, he said. F - Secure和Sophos是阻断病毒与所有主要厂商有可能会很快这样做,他说。 Some email filtering systems were also not blocking the virus by this golmorning.有些邮件过滤系统,也并没有阻止病毒由本golmorning 。
The virus is being hosted on several servers around the world, which will increase the time it takes to identify and clean them all.该病毒正在主持的几个服务器在世界各地,这将增加所花费的时间,以确定和清洁他们所有人。 They appear to be web servers that have been hacked, Hypponen said.他们似乎是在网站服务器被入侵, Hypponen说。 The SANS Internet Storm Center asked administrators to check their logs to make sure they are not hosting the file. SANS互联网风暴中心询问管理员检查他们的原木,以确保他们没有申办文件。
The virus affects only Windows users.该病毒只影响Windows用户。 “Microsoft is aware of this issue and is currently investigating this matter, including customer impact,” a spokeswoman said. "微软已注意到这一问题并正在调查这件事,包括客户的冲击, "一名女发言人说。
The final version of IE 7 was released last October, so Microsoft is unlikely to be advertising a beta of the product.最终版的IE 7日公布,去年10月,所以微软不大可能成为广告测试的产品。 Users can download a real version of the software at Microsoft’s Internet Explorer home page.使用者可以下载一个真正的软件版本,在微软的Internet Explorer首页。
Microsoft 微软 Section has more related reports 科更多相关报道 Help keep RINF going..有利于保持rinf去..Comment on 'Users offered virus disguised as IE7' : 评论'用户提供病毒伪装成IE7中' :
Related News: 相关新闻:
