Ancient virus catches out US government

The US government has been accused of scaremongering after issuing a security alert about a virus which was discovered more than a year ago.

The National Infrastructure Protection Centre (NIPC) issued the warning late on Friday. It concerned a Trojan horse called DonaldD.trojan, which it said spreads as an email attachment with the President of the Philippines Joseph Estrada's nickname (erap estrada) in the subject line.

In its bulletin, the NIPC said: "Once the attachment is opened, the DonaldD.trojan is executed and can be exploited to collect user names and passwords from the victim."

It said the Trojan is currently spreading mainly in the Philippines and is considered a low threat to the US.

Graham Cluley, senior technology consultant at UK based antivirus company Sophos, said the virus, which is also known as Troj/DonaldDick, was first reported in September last year.

It allows a remote user to control several functions on a local machine including opening and closing the CD drive tray and switching the monitor on or off. The remote user is also able to steal passwords, upload and download files, gain access to the registry and start or stop certain processes.

"The NIPC have been somewhat hasty in issuing their alert, as just about every antivirus product has been capable of detecting this Trojan horse for a year or so," said Cluley.

"There is a real danger in these organisations issuing virus alerts without checking their facts properly. Anyone can shout 'fire' in a cinema, but if you actually want to put one out you call on the expert firemen," he added.