Saturday, March 22, 2008

AutoUpdate Virus - Very Slick

Some slick malware writer nearly got past my fine antivirus protection. No, not AVG, the virus scan software I run, but my general common sense for not installing random junk on my computer. I was cleaning out my myspace friend spam since I hadn't logged on in a while. I check the folks out to see if I know them, just in case. When I was on one profile the Microsoft AutoUpdate window displayed. I should have noticed right away that something was wrong because I was running Vista on this computer and it looks different, but I run XP too.



Anyway, I clicked Download like a moron, then, another unseal window popped up, the file download security warning. AutoUpdate doesn't do this, so I looked into it a little closer. The file name was typical of a Microsoft update, KB890830.exe, but the download from was way off base, microsofsupport333.cn. By this time I knew what was up and canceled the download.



I must say, that this would have fooled someone like my grandmother and most computer users I've had to deal with on the job over the years, but not anyone who knew the slightest bit about their computer. I was tempted to actually download the file and see if the AVG virus scanner would have caught it, but why take the chance. There was a time when I experimented with viruses, but that was back in the day when viruses were written mostly by creative folks who weren't really trying to steal anything, just to spread and be annoying enough to be noticed, but these days, it isn't the same game.

No comments: