The Trojan has been spammed out to internet users.
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned of a Trojan horse that has been spammed out to email addresses disguised as a message claiming that George W Bush and Tony Blair are conspiring with oil companies to push up petrol prices.
Other disguises being used by the hackers to distribute the Trojan horse include news reports that Osama Bin Laden has been killed or Michael Jackson has committed suicide, CCTV photos of an alleged university rapist, and requests for a photograph to be approved for a magazine.
The Troj/Stinx-W Trojan horse has been spammed out in email messages, which can have a variety of subject lines including "Petrol Price Conspiracy", "Campus Student Raped", or "Bush and Blair Conspire". A typical email reads as follows:
Dear colleagues and friends
We are circulating an attachment proving the major oil companies are working closely with certain politicians (as can be seen in the attached photo) to keep petrol prices at an all time high.
After a year of rising prices it is the public that are now bearing the cost of the fall out in the Middle East. Do you think this is fair? Bush and Blair can be seen shaking hands with the president of BP and Texaco after a hush hush meeting. The attached article shows that Bush and Blair know that high petrol prices drives Barrel prices up-words and so in turn increases the value of stockpiled oil. This is hiding the costs of the recent and on-going troubles in the Middle East and is a ploy to keep the current Governments confidence rating high in the public eye.
Do not be fooled by figures!
Please forward this on to anyone you think may be interested.
"Launching the attached file will not show you any evidence of politicans conspiring with oil companies, but instead open a gaping hole in the security of your PC," said Graham Cluley, senior technology consultant at Sophos. "Hackers are exploiting the public's interest in politics and breaking news to spread malware. Anyone unfortunate enough to run this program is running the risk of allowing hackers to gain access to their computer to spy, steal and cause havoc."
Sophos recommends that all computer users should ensure that they are running an anti-virus product which is configured to automatically update itself, security patches and firewall software.
"This latest version of the Stinx Trojan horse reminds business that keeping anti-virus software up-to-date is a must," continued Cluley. "Regular anti-malware updates combined with sensible safe computing policies and strong email policy at the gateway reduces the risk of threats like this to a minimum."
Sophos recommends that companies protect their email gateways with a consolidated solution to defend against viruses, spyware and spam, as well as apply an email policy that filters unsolicited executable code at the gateway. Businesses should also secure their desktop and servers with automatically updated protection.
Sophos's anti-virus products were automatically updated to protect against the Troj/Stinx-N Trojan horse at 10:36 GMT on 16 June 2006.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.