iTWire - Beware of itsecure.microsoft.com

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Information Technology News

Beware of itsecure.microsoft.com

Beware of itsecure.microsoft.com

E-mail

by Stephen Withers
Friday, 10 July 2009
Just because itsecure.microsoft.com sounds like an authentic Microsoft subdomain, that doesn't mean it is safe to visit. Featured Whitepaper 5 Best Practices for Smartphone Support PC Tools' Threatfire research team has warned of active malware that among other things displays fake alerts aimed at persuading people to buy a bogus anti-malware package. One way that Preald.A preys on its victims is by creating a hosts file to associate the domain itsecure.microsoft.com with an IP address that has nothing to do with Microsoft. Usually, a computer gets any required domain name to IP address mappings from a domain name server associated with an ISP or one that is internal to the organisation. But a hosts file takes precedence (eg, to allow a purely internal resource to be accessed by name rather than address), so if a piece of malware can create or edit this file, any name can be associated with any IP address. According to ThreatFire, Preald.A creates false entries for itsecure.microsoft.com, avremover-pro.com and www.avremover-pro.com in the hosts file, associating them all with a server hosting information about a fake package called Antivirus System Pro. It also installs other malware, including a downloader to fetch additional nasties. It is a fairly common trick to generate a false warning that a system is infected with a virus or other malware, and then present a link to a site offering fake software. The hosts file trick could make it easier to fool victims - after all, everyone trusts Microsoft, don't they? Bona fide security software should detect Preaid.A, though other vendors may use different names for it. Tags See All Tags Fake Malware Microsoft Security Security software Stephen Withers Symantec Windows Powered By Joomla Tags Please enable JavaScript in your browser to post your comment!

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking