Users offered virus disguised as IE7用戶提供的病毒偽裝成IE7中
Security researchers have warned of a new virus disguised as a download of Internet Explorer 7 Beta 2.安全研究人員警告稱,一種新的電腦病毒偽裝為一個下載的Internet Explorer 7 Beta 2中。
They said the virus was unusual for a couple of reasons: the email includes a convincing graphic that looks like it could really be from Microsoft, and the virus is delivered when recipients click on a link rather than in an attachment, which makes it harder to stop it from reaching in-boxes.他們說,這種病毒是不尋常的一對夫婦的原因:郵件包含一個有說服力的圖形看起來就像是它真的可以從微軟和病毒是交付時,受助者點擊一個鏈接,而不是一個附件,這使得它更難阻止它達成在郵筒內。
“The idea of sending a link seems to be a trend among attackers; it’s still fairly new and it works much better than sending a file,” said Mikko Hypponen, chief research officer at F-Secure. "的想法派遣一個環節似乎是一個趨勢,其中攻擊,它仍是相當新的工作方式,遠勝發送一個文件,說: "主管Mikko Hypponen首席研究人員在F - Secure公司。
The e-mails carry the subject line “Internet Explorer 7 Downloads” and appear to come from admin@microsoft.com.電子郵件進行的主題為" Internet Explorer 7下載" ,並看似來自admin@microsoft.com 。 They include a blue, Microsoft-style graphic offering a download of IE 7 beta 2.它們包括藍紙,微軟風格的圖形提供了一個下載的IE 7 Beta 2中。 Clicking the graphic will download an executable file called IE 7.exe.點擊圖形將在在網上下載一個可執行文件,稱為即7.exe 。
The file is actually a new virus called Virus.Win32.Grum.A, and security experts are still analysing it to see what it does.該文件其實是一個新的病毒稱為virus.win32.grum.a ,安全專家仍在分析它,看看有什麼有。 Sophos said it can spread by e-mailing itself to contacts in a user’s address book. Sophos說,它可以傳播的電子郵件發送到自己的聯繫,在用戶的地址簿。 The virus tampers with registry files to ensure it gets installed, and it tries to download additional files from the Internet, said Graham Cluley, a senior technology consultant for Sophos.該病毒有負于註冊表文件,以確保得到安裝的,它試圖以下載更多的文件從互聯網上說,格雷厄姆克魯利,高級技術顧問Sophos的。
Other specifics were unknown yet, but such viruses often install a keystroke logger to steal personal information, and establish a network of infected computers to launch a denial of service attack, Cluley said.其他具體情況不明,不過這種病毒通常安裝一個按鍵側錄程序,竊取個人資料,並建立一個網絡被感染的計算機發動拒絕服務攻擊,克魯利說。
“We don’t know anything yet about where it is coming from,” Hypponen said. "我們不知道是什麼,但在哪裡,這是來自人民, " Hypponen說。 “It’s fairly well made and hard to analyse with normal tools.” "這是相當好,令人難以分析與正常手段" 。
F-Secure had received many reports of the e-mail but few submissions of the virus itself, indicating that damage so far is limited. F - Secure公司已收到許多報告的電子郵箱,但很少意見書的病毒本身,表明損害至今是有限的。 Cluely agreed: “I wouldn’t classify this as one of the biggest viruses of the year, but that doesn’t mean it isn’ta threat” he said. cluely表示贊同: "我不會把此作為最大的一個病毒的一年,但是,這並不意味著它不是一個威脅" ,他說。
Detection of Win32.Grum by anti-virus programs was “mediocre” by last evening, according to Sunbelt Software, and some big vendors were still not picking it up Friday morning, Hypponen said.檢測win32.grum由防毒程式,是"平庸" ,昨天晚上,據Sunbelt軟件,和一些大廠商還沒有採摘了週五早上, Hypponen說。
F-Secure and Sophos are blocking the virus and all major vendors are likely to do so soon, he said. F - Secure和Sophos是阻斷病毒與所有主要廠商有可能會很快這樣做,他說。 Some email filtering systems were also not blocking the virus by this golmorning.有些郵件過濾系統,也並沒有阻止病毒由本golmorning 。
The virus is being hosted on several servers around the world, which will increase the time it takes to identify and clean them all.該病毒正在主持的幾個服務器在世界各地,這將增加所花費的時間,以確定和清潔他們所有人。 They appear to be web servers that have been hacked, Hypponen said.他們似乎是在網站服務器被入侵, Hypponen說。 The SANS Internet Storm Center asked administrators to check their logs to make sure they are not hosting the file. SANS互聯網風暴中心詢問管理員檢查他們的原木,以確保他們沒有申辦文件。
The virus affects only Windows users.該病毒只影響Windows用戶。 “Microsoft is aware of this issue and is currently investigating this matter, including customer impact,” a spokeswoman said. "微軟已注意到這一問題並正在調查這件事,包括客戶的衝擊, "一名女發言人說。
The final version of IE 7 was released last October, so Microsoft is unlikely to be advertising a beta of the product.最終版的IE 7日公佈,去年10月,所以微軟不大可能成為廣告測試的產品。 Users can download a real version of the software at Microsoft’s Internet Explorer home page.使用者可以下載一個真正的軟件版本,在微軟的Internet Explorer首頁。
Microsoft 微軟 Section has more related reports 科更多相關報導 Help keep RINF going..有利於保持rinf去..Comment on 'Users offered virus disguised as IE7' : 評論'用戶提供病毒偽裝成IE7中' :
Related News: 相關新聞:
