VXers release 'London bombing' Trojan
Print storyScumbags spread spambot
Posted in Anti-Virus, 8th July 2005 16:42 GMT
Free whitepaper – Securing your Microsoft Internet Information Services (MS IIS) web server
Virus writers have created a Trojan which poses as London terrorist attack news footage. Infected emails harbouring the Trojan pose as a CNN Newsletter which asks recipients to ‘See attachments for unique amateur video shots’ (example below).
If executed, the malicious attachment turns infected Windows PCs into spam zombies. The as-yet unnamed Trojan attempts to obtain a list of SMTP servers that the victim's machine is configured to use and starts to use these servers to send large volumes of unsolicited mail. Email security firm MessageLabs has intercepted a handful of copies of the malware, so it's not widespread, but it does illustrate the depth virus writers are prepared to sink to in order to spread their wares.
The use of topical events to spread malware is nothing new and it wouldn't surprise us if most London bombing-themed Trojans were created. It's yet another reason to avoid any temptation to open unsolicited email attachments. ®
From: breakingnews@cnnonline.comSubject: TERROR HITS LONDON
Filename: 'London Terror Moovie.avi <124 spaces> Checked By Norton Antivirus.exe'
Related stories
UK under cyber blitz
UK Trojan siege has been running over a year
Spyware blizzard shows no sign of let up
Clueless office workers help spread computer viruses
Trojan downloader spam poses as admin email
Free whitepaper – Certify your software integrity with Thawte code signing certificates
Hosted security IT manager's guide
Jump start your Application Security initiatives
Securing your Apache web server with a Thawte digital certificate
Vulnerability management buyer's checklist
Email continuity
Google cloud told to encrypt itself
Buggy 'smart meters' open door to power-grid botnet
Chinese firm hits back at cyberspy claims
BlockMaster SafeStick hardware-encrypted USB drive