[ISN] Illiterate Trojan found in wild
InfoSec News
isn at c4i.org
Wed Jun 9 06:06:24 EDT 2004
http://www.theinquirer.net/?article=16461
By Nick Farrell
09 June 2004
SEVERAL COPIES of a two-stage Trojan virus, which uses an exploit to
download and execute an encoded visual basic script from a website,
have been seen in the wild.
According to security firm MessageLabs it has intercepted several
copies of a new Trojan this week although there are no other
indications that it will be a major problem.
No-one has come up with a name for it yet, although judging by the way
it works, perhaps illiterate might be a good title. It appears in an
email with a header which seems to have been penned by someone to whom
English is a foreign language.
It creates an executable file which appears to download a malicious
program from the same website as the original script.
Early indications suggest that this is similar to previous attacks
where Trojans have been used to install key loggers and password
stealers. For the record, don't open any emails with the following
headers:
Subject: about the thing we talked last week..
Hello , This is the letter I told ill wrote for ya..
Here is it.. like you asked for me 2 days ago
Hey whatsup remember me?
please , asnwer me.. you dont answer for me like 5 weeks allready.
Re: Hello
the email from 2 days ago.. here is my replay..
whats wrong with you ? why you dont answer to my emails?
why you dont answer to my emails.., whats wrong ?
More information about the ISN
mailing list