All the latest UK technology news, reviews and analysis
|
|
|
08 Jul 2005
A new plague of spam emails containing malicious Trojan software has been sent to up to 400,000 UK addresses, security specialists BlackSpider Technologies has warned.
The emails claim to be from a member of the recipient's IT team warning that their system has been compromised and is distributing spam. The emails, which carry the subject line 'Spam Report', were first detected at 3.25am yesterday.
BlackSpider said that only one vendor has so far released a patch, and that it has caught less than 50 per cent of the Trojans quarantined by BlackSpider's detection technology.
The attachment, which contains Trojan-Downloader.Win32.Small.arf, is a small executable report.log.exe file of 16KB size. If executed it downloads harmful content from an external website.
Security firm Messagelabs has detected 54,000 copies of the Trojan email.
The emails use typical social engineering techniques designed to encourage recipients to download the Trojan attachment. The message body reads:
"Your email account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into problems with the online service.
If you choose to ignore our request, you leave us no choice but to cancel your membership. Virtually yours, Network Administrator Team."
John Cheney, chief executive at BlackSpider, said: "This email has a fairly unusual social engineering aspect to it that we haven't seen before.
"What we are seeing is a growth in spam that uses wording that taps into the fears and concerns of specific users. This makes it more likely that they are tr icked into downloading the malicious attachment."
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Hands on with the highly anticipated Android 4.0 Ice Cream Sandwich hybrid tablet
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
(Roc Search - Network Support Engineer, 2nd line, 3rd...
3rd Line Engineer / Infrastructure Engineer - Berkshire...
MySQL SQL SERVER DBA / Database Administrator - Online...
PMO Analyst - Banking Client A financial organisation...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
'Spam report' Trojan spreading fast
Hello, I happen to use AVG antivirus from Grisoft, and discovered that this trojan was piggybacking on the email scanner and hence was plagued with these nuisance emails since the 4th of July 2005. Please check with your email antivirus scanner, a quick check is to check the headers of the email and look for the ip address/network address and telnet to that address on port 25 and the email antivirus scanner will report it as in my case, AVG SMTP and issue a HELO command and check what response you get and also issue a QUIT command and it will say 'Asta la Vista' which I know is not how a normal email service or generic SMTP service responds. Disable it if this happens to you. Best Regards, Tom.
Posted by: Tom Brennan 08 Jul 2005