Erap Estrada Trojan horse threat overhyped

September 04, 2000 Sophos Press Release

Some users have been alarmed today by reports from the National Infrastructure Protection Center (NIPC) about a new Trojan horse called Erap Estrada or Philippines Trojan horse. According to the NIPC alert an email is spreading with the subject line "Erap Estrada" (the nickname of the President of the Philippines, Joseph Estrada) with a malicious attachment.

Sophos Anti-Virus researchers have determined that the malicious attachment is in fact a Trojan horse called Troj/DonaldDick (also known as DonaldD or DonaldD.Trojan).

"Reports of attacks by Troj/DonaldDick seem to have been grossly exaggerated by the media," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "There seem to be more emails being sent back-and-forth about this 'threat' than actual sightings."

Troj/DonaldDick was first discovered in September 1999, and should pose no threat to companies who have kept their anti-virus protection up to date.