22 February 2007
Hacker pleads guilty to spreading IRC Trojan horse
Washington State man disguised malicious spyware as movie link
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have welcomed news that a man has pleaded guilty to writing and distributing a Trojan horse designed to steal usernames and passwords from computer users.
Richard C Honour, 31, faces a maximum penalty of five years in prison and a fine of $250,000 after admitting releasing malware that infected users of DarkMyst, an IRC chatroom popular with players of online role-playing games.
Honour, also known as Fyle/Anatoly, sent messages to other IRC users claiming to contain links to online movies. However, users who clicked on the links were infected with a Trojan horse instead. Honour used the Trojan horse to open a backdoor on infected PCs, spy on his victims, steal banking details and commit identity theft.
Following complaints from internet users, the FBI investigated the case, and Honour was arrested at his home in Kenmore, Washington. Agents found evidence on Honour's computer indicating that he had written the malicious code and stolen information from victims' computers.
"Criminals like Richard Honour lure the unwary by disguising their Trojan horses as seemingly harmless links to movie files," said Graham Cluley, senior technology consultant for Sophos. "The rise of the Trojan has been one of the key developments in cybercrime in recent years, as hackers increasingly use them to steal information and money from unsuspecting internet users. Everyone should be on their guard against this type of attack - and the authorities should be congratulated for bringing complicated cases such as this to a successful resolution."
Sentencing is scheduled for 4 May, 2007, in St Louis, Missouri.
In January, Sophos published its Security Threat Report 2007, which revealed the rise in hackers' use of Trojan horses. The report can be downloaded from the Sophos website:
Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at the email gateway to defend against viruses, spyware and spam.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com


