Web User
September 20, 2005
Quentin Reade
A Trojan horse has been spammed out to millions of email addresses around the world in an attempt to disable anti-virus and other security software.
Experts at SophosLabs said that the spammed-out email messages, which have no subject line, typically carry the message text "new price" and an attached file that can have one of several names, including "09_price.zip", "price_new.zip", and "price2.zip".
The attached ZIP files all contain the malicious BagleDl-U Trojan horse. If launched, the Trojan horse makes changes to the registry, and attempts to turn off anti-virus and security-related software on the infected computer, opening the door for attack by remote hackers.
"This Trojan horse is being aggressively seeded by its creator, using spam technology, to distribute malicious code to as many vulnerable computers as possible, in the shortest amount of time," said Graham Cluley, senior technology consultant at Sophos. "Anyone unfortunate enough to run this program runs the risk of allowing hackers access to their computer - to spy, steal and cause havoc."
Sophos recommends that all computer users ensure they are running an anti-virus product that is configured to update itself automatically, as well as security patches and firewall software.
http://www.sophos.com/virusinfo/analyses/trojbagledlu.html