A phoney email purporting to come from Microsoft is installing Trojan software on computers around the world.
The mail was sent out by spammers and asks the reader to install a Microsoft update. It has a link to a realistic looking Microsoft update page but the file installed, named Wupdate-20050401.exe, turns control of the PC over to the spammer.
"The email won't be picked up through anti-spyware software because the .exe file does not contain spyware signatures that would be used to identify it as potentially harmful," commented Martino Corbelli from SurfControl, who first detected the email in Australia this morning.
"Anti-spyware software tends to scan URLs and attachments in suspicious emails, but because none of the recognised spyware signatures are present in the .exe here, there's no way this approach could identify the threat."
But this is disputed by other vendors. Sophos for example claims to have been blocking the trojan for months.
Once installed the software will run, taking up 100 per cent of the CPU power by forcing it to perform continuous processes. It also allows the PC to be turned into a spam server remotely.
Companies are advised to inform staff of the mail and lock down PCs to stop any files being installed for the time being. Internet filtering companies have been informed and are blocking the false site.
Claims to have "the most competitive logic density" in the industry
Dell's high-end mobile workstations upgraded with Intel Coffee Lake CPUs
Webstresser admins were also arrested in the UK, Croatia, Canada and Serbia
Security firm claims that 117,638 sites out of 135,035 analysed contain serious security flaws