Press Releases

Browse our press release archive

28 Jul 2006

Victoria's secret spyware attack steals hearts, usernames and passwords

Keylog-HD Trojan horse displays slideshow of potential Russian love match

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have reminded internet users to be on their guard following the discovery of a spyware Trojan horse that displays pictures of a potential Russian love match while secretly stealing information.

When first run on a user's computer, the Troj/Keylog-HD Trojan horse displays a slideshow of 3 photographs of a young woman called "Victoria Stasova". Accompanying the photographs is a love heart and an AOL email address.

However, while the pictures are being displayed, the malware steals keypresses and information from the infected user's PC which could allow hackers to plunder bank accounts and commit identity theft.

Two pictures from the Trojan horse's slideshow

Two pictures from the Trojan horse's slideshow.

"The danger is that people might think they are just looking at pictures of a Russian beauty who is on the lookout for love. But behind the scenes, information and keypresses - including usernames and passwords - are being secretly stolen from the PCs by hackers," said Graham Cluley, senior technology consultant for Sophos. "One of the ways in which malware like this could work is that computer users could find themselves being chatted up online by someone who they believe is a potential love match, and then be sent the slideshow as the virtual romance blossoms. Having found new love victims may rush to run the slideshow with their head in the clouds, and not realise their finances are being consigned to the gutter."

Although Sophos has not seen a large number of reports of the Trojan horse, it recommends that users ensure their anti-virus protection is up-to-date and they exercise caution about which programs they choose to run on their computers. Sophos has been protecting against the Keylog-HD Trojan horse since 22:26 GMT on 27 July 2006.

Sophos recommends that businesses defend their desktop and servers with automatically updated protection against viruses, spyware and spam to reduce the chances of malicious attack.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.