Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have warned of
a Trojan horse that has been spammed out to email addresses
disguised as a digital photograph.
The Troj/Dloadr-AKX Trojan
horse has been spammed out in email messages, which has the
My best photos!
the best pictures of us. Just take a look, i'm
You've asked for pictures. See this.
My best photo ever!
Inside the ZIP file is another file called DSC00342.jpg
The executable file is a Trojan horse designed to download
further malicious code from the internet, but disguises itself as a
JPG graphic by using a double extension and inserting multiple
spaces into the filename.
"Opening the file will not show you a digital picture, but
instead blast open a hole in your PC's security," said Graham Cluley, senior
technology consultant at Sophos. "Anyone unfortunate enough to run
this program is running the risk of allowing hackers to gain access
to their computer to spy, steal and cause havoc."
Sophos recommends that all computer users should ensure that
they are running an anti-virus product which is configured to
automatically update itself, security patches and firewall
"This Trojan horse reminds computer users that keeping
anti-virus software up-to-date is essential," continued Cluley.
"Regular anti-malware updates combined with sensible safe computing
policies and strong email policy at the gateway reduces the risk of
threats like this."
Although Sophos has received no reports to date of customers
encountering the Trojan horse, it has seen many incidents of the
malware at its global network of spam traps. Sophos's anti-virus
products were automatically updated to protect against the
Troj/Dloadr-AKX Trojan horse at 15:15 GMT on 28 June 2006.
Sophos recommends that companies protect their email gateways
with a consolidated solution to defend
against viruses, spyware and spam, as well as apply an email policy
that filters unsolicited executable code at the gateway. Businesses
should also secure their desktop and servers with automatically