Only a week after hackers managed to smuggle malicious code onto a Security Focus mailing list, the website has been forced to warn users about another piece of 'malware' masquerading as a virus fix.
This time a rogue email is in circulation purporting to be from Security Focus' analyst team and antivirus company Trend Micro. It has an attachment called 'FIX_NIMDA.exe', which claims to be a patch for the Nimda worm but, in reality, the email is being used to deliver "what appears to be a Trojan horse to unsuspecting users", said the Security Focus team.
In an effort to make the trick more convincing, the rogue file has been named after a genuine fix which is distributed by Trend Micro.
But the cyber vandals don't appear to have gone to the trouble of trying to forge or disguise the mail headers in the email, making it obvious to the curious reader that the email is fake.
"Do not run this attachment. These messages do not come from Trend Micro or Security Focus, as a quick check of the headers will reveal," read the warning from Security Focus.
The company said that it has a policy of never sending executable attachments claiming to be a fix to any worm or vulnerability, in a bid to avoid such situations.
"Common sense and best practices indicate that you should not execute any code that is delivered via email unless you can authenticate the source of the message," said the security site.
The full warning can be read here.
Wikileaks Vault 7 suspect Joshua Schulte fingered by FBI after re-using smartphone passwords on his PCs
Joshua Schulte indicted on 13 counts relating to Vault 7 leaks and trading in images of child abuse
Alexa for Hospitality will link with existing systems so guests can order room service and control the air con
Massive volcanic eruptions could have warmed Mars' surface sufficiently for oceans to form
Examination of fruit flies' brains generated more than one billion data points for scientists to analyse