Indonesia | Singapore
   

Features

"My best photo ever!" Trojan Horse Spammed Out

By Sophia Mayengbam
 
 
 
Experts at SophosLabs, Sophos’ global network of virus, spyware and spam analysis centers, have warned of a Trojan horse that has been spammed out to email addresses disguised as a digital photograph. The email messages, which has Troj/Dloadr-AKX Trojan horse, has the following characteristics:

Subject line:

My best photos!
or
the best pictures of us. Just take a look, i'm excited!
or
Wanna see?
or
You've asked for pictures. See this.

Message body:

Hi, Honey

My best photo ever!

Xoxoxo

Attached file: photos.zip

Inside the ZIP file is another file called DSC00342.jpg .exe.

Inside the ZIP file is another file called DSC00342.jpg .exe.

Sophos said the executable file is a Trojan horse designed to download further malicious code from the internet, but disguises itself as a JPG graphic by using a double extension and inserting multiple spaces into the filename.

"Opening the file will not show you a digital picture, but instead blast open a hole in your PC's security," said Graham Cluley, senior technology consultant at Sophos. "Anyone unfortunate enough to run this program is running the risk of allowing hackers to gain access to their computer to spy, steal and cause havoc."

Sophos recommends that all computer users should ensure that they are running an anti-virus product which is configured to automatically update itself, security patches and firewall software.

"This Trojan horse reminds computer users that keeping anti-virus software up-to-date is essential," continued Cluley. "Regular anti-malware updates combined with sensible safe computing policies and strong email policy at the gateway reduces the risk of threats like this."
Sophos warns of another spyware Trojan horse that displays pictures of a potential Russian love match while secretly stealing information.

While the pictures are being displayed, the malware steals keypresses and information from the infected user’s PC which could allow hackers to plunder bank accounts and commit identity theft.

Although Sophos has not seen a large number of reports of the Trojan horse, it advises companies to protect their email gateways with a consolidated solution to defend against viruses, spyware and spam, as well as apply an email policy that filters unsolicited executable code at the gateway.
 
 
print save email comment
print save email comment
 
 

 
 
 
 
 
 

Copyright @ 2004 Software & Support Media
Powered By Media Teknologi Informasi Corp.
Privacy Policy     Terms of Use