Hosting News
Barracuda Networks Detects and Blocks "Backdoor" Virus Sent via Fake Microsoft Security Update Email
October 12, 2008 |
|
Campbell, Calif., Oct. 9, 2008 Barracuda Networks Inc., announced that
Barracuda Central, its 24x7 security operations center, began immediately
blocking a malicious backdoor virus distributed via a socially engineered
email purportedly from Microsoft earlier today. Barracuda Networks was one of
the first vendors to profile the malware and quickly categorized it in the
Barracuda Real-Time Protection system to block the virus in incoming and
outbound emails on all Barracuda Spam Firewalls worldwide with Barracuda
Real-Time Protection enabled.
The virus, categorized by Barracuda Central as Trojan.Backdoor.Haxdoor, is
delivered as an attachment to an email allegedly from the Microsoft Security
Assurance team and utilizes several innovative social engineering techniques,
such as using Microsoft KnowledgeBase naming conventions for the file
attachment, as well as the inclusion of a PGP signature block at the bottom of
the email message. The email informs the recipient that Microsoft company has
recently issued a Security Update for OS Microsoft Windows. The update applies
to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000,
Microsoft Windows Millenium, Microsoft Windows XP, Microsoft Windows Vista.
Further, the fake email strongly recommends that the recipient install a
update to protect your computer against security threats and performance
problems. Once installed, Barracuda Central determined that the malware "phones
home," and leaves an outbound TCP connection open presumably to await further
instructions.
The leverage of the Microsoft name, the inclusion of an apparent PGP signature
block - frequently used by security professionals - and the routine nature in
which users are accustomed to applying software updates make for a dangerous and
potentially effective combination of social engineering techniques in this
particular attack, said Stephen Pao, vice president of product management for
Barracuda Networks. Unsuspecting users without the proper virus protections in
place, could mistakenly install the malware. Based on the volume of real-time
blocks reported by the Barracuda Real-Time Protection system in the outbreak's
early stages, we know the attack hit a significant global footprint."
In addition, Barracuda Central categorized this malware in its anti-spyware
protocol definitions to block all "phone home" activity across all Barracuda Web
Filters worldwide, preventing the attack from affecting corporate networks even
when users with previously infected laptops connect to the network.
For email not protected by Barracuda Spam Firewalls, such as personal email, the
Barracuda Web Filter can block the virus in Web downloads when behind Barracuda
Web Filters.
About Barracuda Real-Time Protection
Barracuda Real-Time Protection is a set of advanced technologies that enables
Barracuda Spam Firewalls to immediately block the latest virus, spyware, and
other malware attacks as they emerge. These capabilities provide
industry-leading response times to email-borne threats by adding a third layer
of antivirus protection to the Barracuda Spam Firewall. Barracuda Real-Time
Protection draws from the largest and most diverse installed base in the
industry to detect early trends in email-borne threats. Once Barracuda Central
engineers identify a potential virus or malware outbreak based on the frequency,
diversity of sources and the metadata about the message itself, Barracuda
Central validates the hypothesis by collecting samples of suspect emails from
Barracuda Spam Firewalls around the world that elect to participate in data
collection.
About Barracuda Central
Barracuda Central is the 24x7 security center operated by Barracuda Networks to
monitor and block the latest Internet threats. Data collected at Barracuda
Central is analyzed and used to create definitions for automatic Energize
Updates that fuel the Barracuda Networks products.
BarracudaCentral.org is dedicated to providing technical insight for security
professionals. By sharing data, BarracudaCentral.org aims to build a strong
community to collectively fight the latest Internet threats.
About the Barracuda Spam Firewall
The Barracuda Spam Firewall is available in eight models and supports up to
100,000 active users with no per user licensing fees. Its architecture leverages
12 defense layers: denial of service and security protection, rate control, IP
analysis, sender authentication, recipient verification, virus protection,
policy (user-specified rules), Fingerprint Analysis, Intent Analysis, Image
Analysis, Bayesian Analysis, and a Spam Rules Scoring engine. In addition, the
entire Barracuda Spam Firewall line features simultaneous inbound and outbound
email filtering with the inclusion of sophisticated outbound email filtering
techniques, such as rate controls, domain restrictions, user authentication (SASL),
keyword and attachment blocking, triple-layer virus blocking, and remote user
support for outbound email filtering. The Barracuda Spam Firewalls layered
approach minimizes the processing of each email, which yields the performance
required to process millions of messages per day. For more information on the
Barracuda Spam Firewall, visit http://www.barracuda.com/spam.
About the Barracuda Web Filter
Available in six models, the Barracuda Web Filter combines preventative,
reactive and proactive measures to form a complete content filtering and anti-spyware
solution for businesses of all sizes. The Barracuda Web Filter is designed to
enforce acceptable Internet usage policies by blocking access to objectionable
content and unauthorized Internet applications. At the same time, the Barracuda
Web Filters award-winning feature set enables the Barracuda Web Filter to block
spyware downloads, prevent viruses, and stop access to spyware Web sites. Unlike
the widely available desktop software solutions, the Barracuda Web Filter is
easily installed and does not require the additional time, money or resources
necessary for downloading and maintaining software on each individual PC. Hourly
Energize Updates are made automatically by Barracuda Central so that the
Barracuda Web Filter can block the ever-changing virus and spyware variants, as
well as maintain the most up-to-date database of the latest
productivity-inhibiting Web sites.
|
Click here for more information |
ASP Hosting Companies
 | 3 MO. FREE/NO SETUP FEES – ASP/.NET Hosting w/ ASP.NET 3.5!
Award Winning ASP/.NET Hosting now offering ASP.NET 3.5. Classic ASP & ASP.NET (all versions) w/ real time ASP.NET Version Chooser. ASP.NET AJAX, LINQ, & Silverlight Ready. Scheduled Tasks, MS SQL 2005 w/ Real Time Back up Tool, FREE MS SQL Management Tool Suite & More!! |  |  | GalaxyVisions
• Tier1 Bandwith Providers
• Fedora, CentOS, Windows OS
• CPANEL/WHM, Plesk Control Panels
• Personalized MRTG Graphs and RPC Reboot
• Managed Server
• 24x7 Phone Support Monitoring
Visit www.GalaxyVisions.comFor more Specials
| |  | Windows Dedicated Servers
Full Line of Windows Dedicated Servers!
FAST Windows Virtual Servers using Virtual Server 2005!
Both Loaded with over $2,000 in Software!
Fully Secured and Configured!
Call us today at (800) 317-8552!
| |  | Nevidia Hosting is now offering $3.50 Windows hosting that includes FREE setup. With a 30-day unconditional money-back guarantee, 24/7 technical support, and a 99.9% uptime guarantee, it has never been easier to put your website online. :::Featuring :: ASP, PHP, ASP.NET, FrontPage, Webtrends Live! Statistics, webmail, control panel, MS Access, mailing lists, dedicated IP, daily backups, and much much more! | |  | EnergizedHosting offers reliable Dedicated hosting!
No Set UP Fees or Hidden Charges
Our Dedicated Servers Are the Best In the Industry
Affordable Prices – Starting only $99 a month
Top notch support with all plans
Limited Time receive 1st month half off! | |  | 3SHost.com
3SHost provides Unmetered Bandwidth ,Lowest prices, CentOS & Windows
2003,CGI,PHP,PERL,SSI,MYSQL, SQL 2005,ASP,.NET
2 ,DotNetNuke4,Frontpage 2003 ,CPANEL10(Linux)& Inspanel(Windows),24/7
Technical Support, No setup fee. | |  | Switch to SingleHop's Windows Dedicated Servers and get $200 Cash
Back!
SingleHop Dedicated Servers - Get $100 For Signing Up, $200 for
Switching From ANY Competitor | |  | Being the choice of the best web hosting review sites 100mostdynamic.com stands to prove that our wow-fast 24/7 helpful customer support, the variety of features and the flexibility in custom hosting plans makes us one of the most reliable and user-friendly hosting solutions.
Features: ASP with great variety of components, ASP.NET, PHP, Perl, FrontPage, HELM control panel, Advanced Statistics, MS Access, MS SQL, MySQL, webmail, mailing lists, daily&weekly backups, and much more..
30-day money-back guarantee, standard plans start at $6.95. You can also design your own custom hosting plans. | |  | Since 1996 ActiveHost has been dedicated to offering advanced ASP and ASP.NET hosting services. With a proven track record of surpassing client expectations time and time again, ActiveHost has grown to a world leader in advanced Microsoft based hosting. Because we are focused on the developer in leveraging state-of-the-art technology and superior customer service, we provide one of the best values available in the hosting industry. Being a Microsoft Certified Partner and a Microsoft Web Presence Provider we fully support all of Microsoft e-business technologies. We like what we do and it shows! Plans start at $14.95. | |  | World class servers at world beating prices!
eSecureData.com, a leading data center in the industry, offers super-servers and generous amount of bandwidth in the industry US$149/month with no setup fee. Choose from Windows OR Linux OS.
| |  | 1000MB disk space. US$7.65 per month. ASP ASP.net PHP.
Exa-Bytes specialize in quality Web Hosting solutions at affordable prices, along with the best technical support and customer service in the industry, Exa-Bytes provides custom solutions for your personal and business Internet needs. | |  | Hostway Virtual Private Servers (VPS) - Dedicated server hosting at a fraction of the cost. For Developers, Resellers and Systems administrators, it delivers performance, security and flexibility. Ideal for processor intensive applications or hosting multiple domains. Root and managed options. Full administrator access through Plesk Control Panel. Linux, Suse or Fedora Platforms, open source tools and software, 10Gb Disk, 50Gb Traffic. From £49.95 a month. 300,000 satisfied customers worldwide, Hostway - hosting the way you want it.
Simple, reliable, cost-effective ASP hosting.
Hostway’s ASP driven solutions include support for ASP3 & ASP.NET v.1.1, with MSSQL, MS Access, Advanced Website Tools & Analytics (Urchin), STM1 connectivity, Daily Data Backup and 99.9% Network uptime. All this and the most functional control panel around. Shared solutions from £8.95/mth, see our website for dedicated pricing. The No.1 Global Hosting Provider. | |
|
Feature Host
SingleHop
We Manage IT Differently
|
