Virus Disguised as IE 7 Download

Security experts reported no widespread damage Friday morning from a new e-mail which claims a virus is a Internet Explorer 7 Beta 2 download. The reason you are reading about this one and not another is because the e-mail includes a convincing blue Microsoft-style graphic and the virus is delivered when recipients click on the linked graphic rather than in an attachment, which makes it harder to stop it from reaching in-boxes. Warn your less tech-savvy friends. The e-mails carry the subject line "Internet Explorer 7 Downloads" and appear to come from admin@microsoft.com. The file, called IE 7.exe, is actually a new virus called Virus.Win32.Grum.A, and security experts were still analyzing it Friday to see what it does.

Sophos PLC said it can spread by e-mailing itself to contacts in a user's address book. The virus tampers with registry files to ensure it gets installed, and it tries to download additional files from the Internet, said Graham Cluley, a senior technology consultant for Sophos. "We don't know anything yet about where it is coming from. It's fairly well made and hard to analyze with normal tools," said Mikko Hypponen, chief research officer at F-Secure Corporation. F-Secure had received many reports of the e-mail but few submissions of the virus itself, indicating that damage so far is limited. Cluely agreed: "I wouldn't classify this as one of the biggest viruses of the year, but that doesn't mean it isn't a threat." The virus is being hosted on several servers around the world, which will increase the time it takes to identify and clean them all. They appear to be Web servers that have been hacked, Hypponen said.

News source: PC World

Report a problem with article
Previous Story

Aston 1.9.4 is released

Next Story

Yahoo given go-ahead to buy Taiwanese blog site

9 Comments

Commenting is disabled on this article.

Didn't someone here on Neowin create a thread about getting this e-mail? I tried searching but I kept getting errors.

I remember in the thread someone told him to right click on the pic and check properties to see if it had a different e-mail address and they saw a name and searched it. Said that name was from someone who is a known spammer.

Either this spammer sent it out or someone actually used his systems in order to spread a virus.

My friend got that email! He hardly gets any email, not even spam. Me, on the other hand, get tons of spam, yet I didn't see it. Regardless, he deleted it, we know Microsoft doesn't send out emails like that.

i also got that email i did report it to MS but for some reason the report didnt get delivered apparently the email addy for ms wasnt valid which was weird as other reports went through fine