In this section

• Home
• Press office
• News archive
• Articles
• 2007
• 06

• Journalists' guide
• News archive

Talk to our experts

• Press contacts

Resources

• Sophos Podcasts
• Image gallery
• Customer case studies
• Free anti-virus
• White papers
• Awards and reviews
• Industry affiliations

Sophos blogs

• SophosLabs blog
• Graham Cluley's blog
• Paul Ducklin's blog
• Chet's blog

Info feeds

• Security news
• Company news
• More...

What are info feeds?

26 June 2007

Shockwave as Trojan horse uses animated disguise Windows users risk being duped by animation smokescreen

The Trojan horse plays a Shockwave animation by Italian cartoonist Bruno Bozzetto.

Experts at Sophos, a world leader in IT security and control, have discovered a Trojan horse that disguises its malicious intent by playing a humorous animation.

The Troj/Agent-FWO Trojan horse plays the popular "Yes & No" Shockwave video created by the Italian animator Bruno Bozzetto, but only after embedding itself on users' computers and downloading further malicious code from the internet.

"Yes & No", which was published on the internet by Bozzetto in 2001, is a humorous video about how obeying the rules of the road does not always make sense. Hundreds of thousands of people are believed to have watched the online animation. According to Sophos experts, the Trojan horse is playing the animation as a smokescreen as it silently infects Windows computers.

"It's important to realise that the animation itself is not malicious - thousands of artists, like Bruno Bozzetto, have created funny movies whose only negative can be the hours that have been spent watching them," said Graham Cluley, senior technology consultant for Sophos. "But the Trojan horse which is playing the animation in this instance is dangerous. Troj/Agent-FWO is exploiting society's predilection for forwarding humorous animations on to friends and family in its attempt to infect as many people as possible."

• Read more about this Trojan horse on the SophosLabs blog

Sophos recommends companies automatically update their corporate virus protection, and defend their users with a consolidated solution to defend against the threats of viruses, spyware, hackers and spam.

• Bookmark with del.icio.us
• Submit this story to digg
• Submit this story to slashdot

Free virus scan
Download the Threat Detection Test

• Free virus, spyware, and adware scan
• Test your existing anti-virus protection
• Find threats your anti-virus missed

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.

See also:

• Macromedia virus: a flash in the pan?
• Sign up now for free notification of new viruses found in the wild