|01 Sep 2010||#1|
| || |
Rogue:MSIL/Zeven wants a piece of the M S E's pie
A new rogue has started making its appearance from compromised websites: Rogue:MSIL/Zeven. We received a sample (70be8ca73142922fd78acf2aafa9f141a977f15a) and a URL and began our investigation.
Let us say from the beginning that the guys behind this rogue like to copy big-time. They start by auto-detecting what browser the user is currently using, and then faking the malware warning page if the browser is Internet Explorer, Chrome, or Firefox. This is meant to be a social engineering scheme in order to trick the user into downloading and installing the rogue, relying on the user’s trust of his day-to-day browser.
The similarity between the fake warning pages is so accurate that it can trick even highly trained eyes.
In the Firefox page, for example, you can see it’s not the real warning page because they misspelled ‘out’ and wrote ‘Get me our of here’.
But for all three browsers, a common indication that you are not looking at the actual browser warning is the offer of some sort of an “update” or “solution”. All the “updates” point to a copy of MSIL/Zeven that promises to provide “a new approach to windows detection”. Internet Explorer, Firefox, and Chrome do not offer such a solution when a website is blocked.
Rogue:MSIL/Zeven wants a piece of the Microsoft Security Essentials pie - Microsoft Malware Protection Center - Site Home - TechNet Blogs
|My System Specs|
|02 Sep 2010||#2|
| || |
I just came across this on another site & found this image as well, I find it very amusing that these people can create stuff like this but can't even spell simple words correctly, if you can see the image below they have written THREADS instead of THREATS, not once but 10 times LOL!
|My System Specs|
|Similar help and support threads for2: Rogue:MSIL/Zeven wants a piece of the M S E's pie|
|Searching for a certain piece of Log-in software||Software|
|A piece of history||Chillout Room|
|Facebook being a piece of crap||Browsers & Mail|
|Need a little piece of website code||Chillout Room|
|So you want your next piece of kit FOR FREE||Chillout Room|
|Our Sites ||Site Links ||About Us ||Find Us |
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
All times are GMT -5. The time now is 08:56 AM.