Press Releases

Browse our press release archive

04 May 2006

World Cup wallchart Trojan horse spammed out by hackers

Sophos customers protected through proactive protection

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned users about a Trojan horse that poses as a wallchart for the soccer World Cup tournament due to take place in Germany this summer.

The Troj/Haxdoor-IN Trojan horse has been spammed out to computer users via a link in a message offering a free wallchart for fans who wish to follow their favorite teams in the international football tournament. If PC users are tempted into running the malicious program they risk allowing hackers to gain access to their computer for criminal ends.

All examples of the emails seen so far have been in the German language, but there is no reason to believe that hackers will not switch to using other languages to increase their pool of potential victims.

A typical example of the message reads as follows:

The emails claim to offer a World Cup wallchart

The emails claim to offer a World Cup wallchart.

"The World Cup is one of the biggest sporting events of the year, and fans all over the globe will be following their national team avidly," said Graham Cluley, senior technology consultant for Sophos. "Malware authors are playing on interest in the tournament to try and infect as many people as possible, in an attempt to seize control, steal from, and spy on innocent users' computers."

Sophos's proactive technology was capable of detecting the Trojan horse (naming it as Troj/Haxdor-Fam), defending customers' computers without requiring an update.

Sophos experts report that this is not the first time that hackers have taken advantage of the World Cup competition.

A year ago, the Sober-N worm offered tickets to the tournament in an attempt to entrap unprotected users.

In 2002, the VBS/Chick-F virus tried to exploit workers desperate to find out the latest scores from the World Cup in S Korea/Japan.

In 1998, in the run-up to the World cup competition in France, another football-inspired virus asked infected victims to gamble on who the winner might be, and if the user did not choose the right team triggered a warhead which was capable of wiping all the data off the hard drive.

"It would be no surprise at all if more malware was written as the World Cup rapidly approaches," continued Cluley. "Everyone should be careful not to fall foul of football-related viruses and Trojan horses, as well as soccer-related spam and lottery scams."

Companies are recommended to protect their email with a consolidated solution to thwart the virus, spyware and spam threats and secure their desktops and servers with automatically updated anti-virus protection.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.