The Trojan horse is accompanied by an animated
GIF of a singing lion. Although the image carries a copyright
message from 123Greetings.com, the Trojan horse has no connection
with the company.

Experts at SophosLabs™, Sophos's global
network of virus and spam analysis centers, have warned users about
a Trojan horse which tries to steal confidential passwords and
other data from infected computers. Bizarrely, the Trojan horse is
accompanied by an animated picture of a lion wishing a happy
birthday as it steals information from unsuspecting users.
Innocent computer users are being tempted to download the
Troj/LdPinch-BD Trojan
horse after a download link to the file was included in a spam
campaign. The Trojan horse is designed to steal sensitive
information, including passwords, from various applications.
Information stolen can include:
- computer details (OS version, memory, CPU etc.)
- available drives (drive letter, type and free space)
- hostname and IP address
- Windows folder volume information
- passwords and confidential information from 'Protected Storage'
- POP3 and IMAP server information, usernames and passwords
- FTP usernames and passwords
- RAS dial-up settings
Information stolen from infected computers is sent to a remote
website, and the Trojan horse attempts to download further
malicious code. However, at the time of writing, it appears the
Trojan is not successfully downloading further code.
"This Trojan horse is designed to hand over confidential data
from your PC straight into the hands of the hackers," said Graham Cluley, senior
technology consultant for Sophos. "Anyone venturing into the jungle
of the internet needs to be properly defended against attack with
up-to-date anti-virus software, firewalls and security
patches."
Sophos experts believe that the Troj/LdPinch-BD Trojan horse is
further evidence of a growing trend of more malware spying on
innocent home computer owners and poorly-protected businesses.
"More criminals are writing spyware and viruses than ever
before. They are becoming more aggressive in their attempts to find
new computers to infect and control, with the objective of stealing
money and resources from the unprotected," continued Cluley. "If
you attach a new, unpatched and unprotected computer to the
internet then it can easily be under the control of hackers within
a matter of minutes."
Sophos users were automatically protected against the LdPinch-BD
Trojan horse earlier today. Sophos recommends companies protect
their email gateways with a consolidated
solution to defend against viruses and spam. Businesses should
also secure their desktops and servers with automatically updated
protection.