Security news26 August 2008
Hackers claim to have kidnapped babies in attempt to infect computers Trojan horse attack spammed out by cybercriminals
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned of a widespread spam campaign that pretends that the receipient's baby has been kidnapped.
The campaign tries to trick innocent computer users into opening a file claiming to be photographs of the infant, but are really malicious software.
The email claims that your baby has been kidnapped.
The malicious emails carry the subject line "We have hijacked your baby" and claim that a $50,000 reward must be paid for the child's safe return.
Attached to the email is a file, entitled photo.zip, which contains a malicious Trojan horse that will download further malware from the internet to compromise PCs. Sophos detects the Trojan horse as Troj/Resex-Fam.
"Receiving or reading these widespread emails themselves does not mean you are infected," said Graham Cluley, senior technology consultant for Sophos. "However, if users open the attachment they will be infecting their Windows computer, and giving hackers an open door to take control and steal information. Once a PC is comandeered, criminals can spy, steal or launch attacks against other parts of the net."
Sophos believes that the disguise used by the hackers proves that there are no depths to which computer criminals are prepared to stoop to get financial reward.
"There's no other way of putting it - this attack is sick. Hackers have no qualms about exploiting a family's natural instinct to defend its most vulnerable members. Hopefully people will pause before opening the attachment, but the reflex action of some may be to click first and think later," continued Cluley. "Everyone should ensure they have defenses in place to properly protect against the very latest malware attacks."
Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at the email gateway to defend against viruses and spam.
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
