Security news20 September 2005
Mass-mailed email greeting card leads to malware infection, Sophos reports
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned of a electronic greeting card that has been spammed out to email addresses around the world, but really attempts to install a Trojan horse onto recipients' computers.
The spammed out email messages have the following characteristics:
Subject:
You got a greeting card
Message body:
Hello
You got a greeting card. Click on the below link to collect your card.
<Link removed>
Best Regards
<Link removed>
Clicking on the link in the message can install a malicious Trojan horse.
However, when users click on the link their computer attempts to download the malicious Troj/Dloader-UT Trojan horse. Once a computer is infected by the Trojan horse, hackers can spy on users' activity including stealing passwords and monitoring the keyboard.
"You may think you've received an electronic greeting card from a secret admirer, but in fact it's a hacker who is going to be showing an unhealthy interest in you," said Carole Theriault, senior security consultant for Sophos. "People really need to think twice before they click on a web link in an unsolicited email, as it could lead to them putting their data and finances into danger."
Sophos experts note that there is a growing trend for hackers to use spam techniques to spread their malicious code to as many potential victims as possible.
"It is becoming more and more common to see Trojan horse creators and spyware authors using spam technology to maximize the number of people they can infect," continued Theriault. "It is essential that all computer users are defended with up-to-date protection against the latest viruses, spyware and spam."Sophos recommends that companies protect their email gateways with a consolidated solution to defend against viruses, spyware and spam which automatically updates itself.
