RE: Zeus Attack Spoofs NSA, Targets .gov and .mil
Zeus Attack Spoofs NSA, Targets .gov and .mil
Criminals are spamming the Zeus banking Trojan in a convincing e-mail that spoofs the National Security Agency. Initial reports indicate that a large number of government systems may have been compromised by the attack.
According one state government security expert who received multiple copies of the message, the e-mail campaign ? apparently designed to steal passwords from infected systems ? was sent exclusively to government (.gov) and military (.mil) e-mail addresses.
The messages are spoofed so that they appear to have been sent by the National Intelligence Council (address used was firstname.lastname@example.org), which serves as the center for midterm and long-range strategic thinking for the U.S. intelligence community and reports to the office of the Director of National Intelligence.
Security Update for Windows 2000/XP/Vista/7 (KB823988)
About this download: A security issue has been identified that could allow an attacker to remotely compromise a computer running Microsoft® Windows® and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Jeffrey Carr is the CEO of GreyLogic, the Founder and Principal Investigator of Project Grey Goose, and the author of ?Inside Cyber Warfare?.