Security news4 May 2006
World Cup wallchart Trojan horse spammed out by hackers Sophos customers protected through proactive protection
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned users about a Trojan horse that poses as a wallchart for the soccer World Cup tournament due to take place in Germany this summer.
The Troj/Haxdoor-IN Trojan horse has been spammed out to computer users via a link in a message offering a free wallchart for fans who wish to follow their favorite teams in the international football tournament. If PC users are tempted into running the malicious program they risk allowing hackers to gain access to their computer for criminal ends.
All examples of the emails seen so far have been in the German language, but there is no reason to believe that hackers will not switch to using other languages to increase their pool of potential victims.
A typical example of the message reads as follows:
The emails claim to offer a World Cup wallchart.
"The World Cup is one of the biggest sporting events of the year, and fans all over the globe will be following their national team avidly," said Graham Cluley, senior technology consultant for Sophos. "Malware authors are playing on interest in the tournament to try and infect as many people as possible, in an attempt to seize control, steal from, and spy on innocent users' computers."
Sophos's proactive technology was capable of detecting the Trojan horse (naming it as Troj/Haxdor-Fam), defending customers' computers without requiring an update.
Sophos experts report that this is not the first time that hackers have taken advantage of the World Cup competition.
A year ago, the Sober-N worm offered tickets to the tournament in an attempt to entrap unprotected users.
In 2002, the VBS/Chick-F virus tried to exploit workers desperate to find out the latest scores from the World Cup in S Korea/Japan.
In 1998, in the run-up to the World cup competition in France, another football-inspired virus asked infected victims to gamble on who the winner might be, and if the user did not choose the right team triggered a warhead which was capable of wiping all the data off the hard drive.
"It would be no surprise at all if more malware was written as the World Cup rapidly approaches," continued Cluley. "Everyone should be careful not to fall foul of football-related viruses and Trojan horses, as well as soccer-related spam and lottery scams."
Companies are recommended to protect their email with a consolidated solution to thwart the virus, spyware and spam threats and secure their desktops and servers with automatically updated anti-virus protection.
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
