Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have
discovered a new twist in the tactics used by malware to promote
controversial anti-spyware products.
After infecting a computer, the Troj/Paymite-J Trojan
horse looks for other computers on the network and sends a fake
warning message to them claiming that they are infected by spyware.
The broadcast message tells recipients to visit a website
immediately for a fix.
The Trojan sends fake warning
messages.
"Non-technical computer users may not be able to tell the
difference between this message and a legitimate warning, and hurry
to visit the website," said Graham Cluley, senior
technology consultant at Sophos. "If they visit the site they may
be lured into installing so-called protection software that is hard
to remove and consistently displays bogus warnings goading users
into purchasing a full version of the program."
In the past, marketeers for unscrupulous software companies have
sent spam emails, instant messages, and installed pop-up adverts
containing bogus warnings of spyware and virus infections to try
and encourage users to purchase software that they may not
need.
"Because the warning message displays the computer's IP address,
some may think it contains greater legitimacy than a regular pop-up
advert. Furthermore, because the message's recipient has not run
any suspicious code on their computer they may not realise it has
been sent from a PC belonging to one of their colleagues on the
network," continued Cluley. "Underhand and criminal tactics are
being used to market goods to unsuspecting internet users. Everyone
should exercise caution about whose software they run on their
computer, and be careful not to believe every message or email
their PC pops up in front of them."
Sophos has been protecting against the Troj/Paymite-J Trojan
horse since 12:59 GMT, Friday 26 May and has automatically updated
customers.
Sophos recommends companies put in place a consolidated solution to defend against viruses,
spyware and spam, and ensure that it is automatically updated as
new threats emerge.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.