Press Releases

Browse our press release archive

20 Jan 2005

Sophos discovers new worm which poses as breaking news headlines

CNN's website
The Crowt worm steals headlines from CNN's website.

Virus researchers at Sophos have identified a new worm which poses as information on the latest news stories. W32/Crowt-A takes its subject lines, message content and attachment names from headlines gathered in real-time from the CNN website. It attempts to send itself by email to addresses found on infected computers.

Crowt-A's subject line and attachment share the same name, but continually change to mirror the front-page headline on the CNN news site. The message text is also lifted from CNN's site, duping the recipient into thinking that they are reading a bonafide newsletter rather than receiving an infected email.

Crowt-A also installs a backdoor Trojan function. This attempts to log keystrokes on infected PCs and sends gathered data to a remote user. These Trojans are often used by hackers to gain unauthorised control of PCs and to steal personal information such as bank passwords.

"Virus writers are always looking for new tricks to entice innocent computer users into running their malicious code; this latest ploy feeds on people's desire for the latest news," said Carole Theriault, security consultant at Sophos. "Many people subscribe to legitimate email news updates, but the message is simple - businesses need to makes sure their anti-virus detection is constantly updated and users need to be suspicious of all unsolicited email whether it's promising celebrity pictures or news updates."

Although only a small number of instances of the worm have been sighted so far, Sophos recommends companies protect their computers with a consolidated solution to thwart the virus and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.