The message claims to be a removal tool.
"The spammed email contains the trojan as MS05-039.exe attachment and the email subject is 'What You Need to Know About the Zotob.A Worm'," said Katrin Tocheva, antivirus researcher at F-Secure on the company's weblog.
The technique of manipulating Microsoft updates has been used before. In June SC reported the mass spamming of emails that sent users to a spoofed Microsoft site via a link. Visitors to the site received a trojan payload on their systems. F-Secure reported seeing a similar scam in June too.
The Zotob worm made headlines across the globe when it infected a number of high profile news sources. Yesterday, SC reported Zotob variants could affect Windows XP as well as 2000.
.jpg&h=140&w=231&c=1&s=0)
_(39).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Data & AI Edition
.png&w=120&c=1&s=0)
iTnews Cloud Covered Breakfast Summit
iTnews State of Security Breakfast
The 2026 iAwards
.jpg&w=120&c=1&s=0)
Integrate 2026
_(1).jpg&h=140&w=231&c=1&s=0)
