Trojan horses gallop into networks

Filed under
Security

MessageLabs said it has blocked 54,000 copies of new Downloader Trojans since 6 p.m. PDT on Wednesday.

"They are pretty run of the mill--they use e-mail subjects that have been used before," Alex Shipp, a senior antivirus technologist at MessageLabs, said. "But we're detecting them from all over the place."

The e-mails, which contain the Trojan horse programs Downloader.abc and Downloader.xz, purport to be spam reports from an IT administrator. The messages ask people to run an attached file to prevent their e-mail account from being shut down. MessageLabs said people could be fooled into opening the attachments. When they are run, they open a backdoor on the infected computer for hackers to use.

MessageLabs said in a statement that both Trojans have the same e-mail characteristics. It rated the outbreak level as "high."

The message carrying the Trojans reads:
"Your e-mail account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into any future problems with the online service.

"If you choose to ignore our request, you leave us no choice but to cancel your membership.

"Virtually yours, Network Administrator Team"

Source.