A new and potentially very dangerous ?trojan horse? program called Win_dial can steal your username and password, giving hackers access to your Internet account.
Even corporate remote access servers are not safe from the Win_dial trojan horse and Dr. Solomon?s Software has sent out a warning. The company claimed it was informed of the existence of the trojan horse by a Swiss Internet service provider (ISP). Win_dial can strike PCs running Windows NT, Windows 95 and, presumably, Windows 98.
Unlike a virus, a trojan horse does not replicate. It must be sent intentionally to a specific target and the user must execute it. Typically, trojan horses are sent as attachments to email messages.
In the case of Win_dial, a group of Swiss users apparently received an e-mail message claiming that the attached program would update their dial-up software. When executed, the program copied that user?s list of phone numbers, user names and passwords.
This information was then immediately emailed to a number of anonymous email addresses belonging to the authors of the trojan horse program.
ISP passwords are encrypted by Windows but it seems new tools can crack the encryption. There have been earlier cases of trojan horse programs that attempt to steal a user?s ISP password. But Glenn Jordan, senior technology consultant at Dr. Solomon?s, said there is an important difference.
?These trojans used to be targeted specifically at one ISP. But this one is very broad. It will work with most ISPs and on most Intel-based systems.?
Alarmingly, Win_dial will also send usernames and passwords to corporate remote access servers. This would give hackers access to a company?s Lan with all the privileges of the user whose password they have stolen.
Win_dial was probably developed by a group of hackers with a specific target in mind, Jordan suspected. However, he said the program can easily be modified by other hackers, who can fill in their own email address as a destination for the stolen passwords. A hacker could conceivably send out millions of copies of the program, improving his chances of stumbling upon naove users.
Dr. Solomon?s claimed that an updated version of its Win Guard resident virus protection software will recognise Win_dial and protect users from it. But Jordan admitted that Win_dial might be modified by other hackers in such a way that it would, again, become undetectable.
?Antivirus software is not a substitute for common sense,? said Jordan. ?Don?t click on things that come from people you don?t know that say ?click me?.?
And, yep, it'll run Android rather than RiscOS
US engineering giant's cost-cutting outsourcing plan is on the rocks, according to insiders
HP Envy X2 laptop only affordable if you've got loadsamoney
Counterfeit code-signing certificates enabling hackers to hide malware being sold by cyber criminals
Certificates can be used as part of layered obfuscation to evade detection by anti-virus software