Experts at SophosLabsâ„¢, Sophos's global
network of virus and spam analysis centers, have warned users about
a Trojan horse which tries to interrupt surfing of adult websites
by displaying messages from the Koran.
The Yusufali-A Trojan
horse monitors which websites Windows users are visiting by
examining the title bar of the active window. If the Trojan finds a
word it doesn't like (such as "teen", "xx", "sex" or "penis") it
minimizes the window so the user cannot see its content and
displays a message from the Koran instead:
The message displayed by the Trojan
horse.
"Unlike other malware, it appears this Trojan horse isn't trying
to steal money or confidential information, but acting as a moral
guardian instead - blocking viewing of websites it determines are
unsavory," said Graham
Cluley, senior technology consultant for Sophos. "Of course,
it's possible for the Trojan horse to make mistakes and block sites
which are not pornographic - such as medical sites, or social sites
designed for teenagers."
The Yusufali-A Trojan horse continues to display messages if the
offending website remains open, and after a while it displays a
button labelled "For Exit Click Here". As soon as the mouse is
moved the box changes to have vertical bars and the text 'OH! NO
i'm in the Cage'. The box contains LogOff, ShutDown and Restart
buttons and the mouse pointer is locked within the confines of the
box. All the buttons actually cause the computer to logout.
The Yusufali-A Trojan horse forces users to
logout of their PCs.
"This Trojan horse may have been written as a joke, or as a
serious attempt to clean-up the habits of internet users,"
continued Cluley. "Whatever the reasons behind its creations,
computer users should protect their systems with up-to-date
anti-virus software, security patches and a proper firewall."
Sophos users were automatically protected against the Yusufali
Trojan horse yesterday. Although Sophos has not received many
reports of the Trojan horse it recommends companies protect their
email gateways with a consolidated
solution to defend against viruses and spam. Businesses should
also secure their desktop and servers with automatically updated
protection.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.