Trojan blitz poses as credit card warning
Print storyOh Mother, it's happening again
Posted in Anti-Virus, 23rd January 2006 08:16 GMT
Free whitepaper – Securing your online data transfer with SSL
UK businesses faced a barrage of 115,000 emails containing a new Trojan on Friday, 22 January before anti-virus vendors scrambled out an update, according to email filtering firm BlackSpider Technologies.
The Trojan downloader malware - called Agent-ADO - comes in the payload to a message that poses as a warning about a user's credit card limits been exceeded.
BlackSpider detected the malware at 0910GMT, 20 January. But it was three-and-a-half hours before the first anti-virus vendor used by BlackSpider issued a patch, once again illustrating the shortcomings of conventional ant-virus scanners in fighting fast-moving virus outbreaks.
Infected emails commonly have the subject line "ERROR:YOUR CREDIT CARD OVERDRAFT EXCEED!" and an infected attachment, a packed executable file called FILE1185 which is 5592 bytes long. Analysis of the malware is ongoing. Sysadmins are encouraged to set up rules to block the malware at the gateway. The rest of you: resist the temptation to open the attachments of unsolicited emails.
Virus writers commonly use networks of compromised PCs to seed infection over a short space of time but the ferocity of the latest attack is unusual. ®
Free whitepaper – Certify your software integrity with Thawte code signing certificates
The business case for application security
Reducing messaging and web security costs with managed services
Avoiding 7 common mistakes of IT security compliance
Server-gated cryptography
Airport insecurity: the case of lost laptops
Feds: Hospital hacker's 'massive' DDoS averted
Buggy 'smart meters' open door to power-grid botnet
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive