Security news28 July 2006
Victoria's secret spyware attack steals hearts, usernames and passwords Keylog-HD Trojan horse displays slideshow of potential Russian love match
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have reminded internet users to be on their guard following the discovery of a spyware Trojan horse that displays pictures of a potential Russian love match while secretly stealing information.
When first run on a user's computer, the Troj/Keylog-HD Trojan horse displays a slideshow of 3 photographs of a young woman called "Victoria Stasova". Accompanying the photographs is a love heart and an AOL email address.
However, while the pictures are being displayed, the malware steals keypresses and information from the infected user's PC which could allow hackers to plunder bank accounts and commit identity theft.
Two pictures from the Trojan horse's slideshow.
"The danger is that people might think they are just looking at pictures of a Russian beauty who is on the lookout for love. But behind the scenes, information and keypresses - including usernames and passwords - are being secretly stolen from the PCs by hackers," said Graham Cluley, senior technology consultant for Sophos. "One of the ways in which malware like this could work is that computer users could find themselves being chatted up online by someone who they believe is a potential love match, and then be sent the slideshow as the virtual romance blossoms. Having found new love victims may rush to run the slideshow with their head in the clouds, and not realise their finances are being consigned to the gutter."
Although Sophos has not seen a large number of reports of the Trojan horse, it recommends that users ensure their anti-virus protection is up-to-date and they exercise caution about which programs they choose to run on their computers. Sophos has been protecting against the Keylog-HD Trojan horse since 22:26 GMT on 27 July 2006.
Sophos recommends that businesses defend their desktop and servers with automatically updated protection against viruses, spyware and spam to reduce the chances of malicious attack.
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
