Article

New Trojan spreads via spam

Bill Brenner

Backdoor-CGT has been labeled a low risk by most antivirus firms. But the Trojan's method of travel has one security firm worried that attackers are finding quicker ways to do their deeds.

Natasha Staley, an information security analyst for New York-based e-mail security firm MessageLabs Inc., said the Trojan is worrisome because it uses spam to spread quickly across the Internet.

"The scary thing about this is that it was spammed out, which allowed it to move rapidly in a short period of time," Staley said. "Attackers know they have a short window of opportunity when they launch Trojan horse programs, and this shows they are finding ways to move more quickly. The lines between viruses and spam are no longer clear."

The program -- also known as Xebiz-A, Troj/Xebix-A, and Trojan.Win32.Genme-A -- is installed after e-mail recipients using Microsoft Outlook follow a URL in the message, Cupertino, Calif.-based security software giant Symantec said in an

    Requires Free Membership to View

advisory. Windows 2000, 95, 98, ME, NT, Server 2003 and XP are affected.

In its advisory, Panda Software of Glendale, Calif., said the Trojan connects to a sWeb site to download another Trojan, Zerolin-A, to the affected computer.

Staley said MessageLabs received nearly 4,000 e-mail messages linked to the Trojan during a two-hour period Tuesday morning, even though up-to-date versions of Outlook and antivirus software-protected systems are immune.

"The first 24-48 hours are always the most dangerous when something new like this appears," Staley said. "Because they allow remote access, someone can install key loggers and spyware and access financial data. It underscores the need for users to update their antivirus and keep their systems patched."


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: