Experts at Sophos have warned of a Trojan horse that has been spammed out to millions of email addresses around the world.
The spammed out email messages, which have no subject line, typically carry the message text "new price" and an attached file which can have one of several names, including 09_price.zip, price_new.zip, and price2.zip.
The attached ZIP files all contain a malicious file called price.exe, which is the Troj/BagleDl-U Trojan horse. If launched the Trojan horse makes changes to the registry, runs Windows Notepad to act as a decoy, and attempts to turn off anti-virus and security-related software on the infected computer, opening the door for attack by remote hackers. The Trojan horse also tries to download further code from the Internet.
Graham Cluley, senior technology consultant at Sophos said,
"This Trojan horse is being aggressively seeded by its creator, using spam technology, to distribute malicious code to as many vulnerable computers as possible, in the shortest amount of time. Anyone unfortunate enough to run this program is running the risk of allowing hackers to gain access to their computer to spy, steal and cause havoc.
Keeping anti-virus software up-to-date is a must. Regular anti-virus updates combined with sensible safe computing policies and strong email policy at the gateway reduces the risk of threats like this to a minimum. We would be surprised if the malware author stops at this point - it's likely they will release further variants in an attempt to hit as many people as possible."
As ever, we recommend you keep your anti-virus software up to date.
|
|
Reader Comments: 0
