The emails pose as breaking news stories.
Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have warned of
a widespread spam campaign that poses as a breaking news report,
but is really an attempt to lure innocent computer users into being
infected by a Trojan horse and attacked by hackers.
The distribution has been so widespread that since midnight GMT
the Trojan has accounted for over two thirds of all malware reports
seen at Sophos's global network of monitoring stations, accounting
for an infection rate of 1 in 200 of all emails being sent across
the net.
Subject lines used in the malicious emails include, but may not
limited to, the following:
-
230 dead as storm batters Europe.
-
British Muslims Genocide
-
Naked teens attack home director.
-
A killer at 11, he's free at 21 and kill again!
-
U.S. Secretary of State Condoleezza Rice has kicked German
Chancellor Angela Merkel
Attached to the emails are files with names such as Full
Clip.exe, Full Story.exe, Full Video.exe,
Read More.exe, Video.exe which contain malicious
code.
"Whoever is behind this spam campaign has generated an
aggressive storm of email in the last 12 hours, and some inboxes
will be feeling battered by the deluge. On average, 1 in every 200
emails that people have received since midnight are likely to be
infected by this Trojan horse," explained Graham Cluley, senior
technology consultant for Sophos. "Receiving or reading the emails
themselves does not mean that you will be infected. However, users
must be very careful not to click on the attached file inside the
emails as that will install a Trojan horse on their computer and
put your PC in peril."
Sophos experts believe that the hackers have deliberately chosen
a subject line related to storms as European countries have been
hit hard by bad weather this week.
"Bad weather has been making headlines news across Europe in the
last couple of days, with a number of accidental deaths caused by
the high winds reported," continued Cluley. "Hackers are
deliberately exploiting public interest in breaking news stories
like this in their attempt to silently infect innocent users'
PCs."
Sophos products detect the malicious Trojans it has seen so far
as Troj/DwnLdr-FYD and
Troj/Small-DOR
(also known as Small.DAM) and will intercept future variants
proactively as Mal/EncPk-B using Behavioral Genotype®
Protection. Sophos's anti-spam products also intercept the
emails from reaching users' inboxes.
Sophos recommends companies automatically update their corporate
virus protection, and run a consolidated
solution at the email gateway to defend against malware,
spyware and spam.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.