New Trojan spreads via spam

Most antivirus firms have labeled BackDoor-CGT a low risk. But one security firm is concerned by its use of spam to spread quickly.

This Content Component encountered an error

Backdoor-CGT has been labeled a low risk by most antivirus firms. But the Trojan's method of travel has one security firm worried that attackers are finding quicker ways to do their deeds.

Natasha Staley, an information security analyst for New York-based e-mail security firm MessageLabs Inc., said the Trojan is worrisome because it uses spam to spread quickly across the Internet.

"The scary thing about this is that it was spammed out, which allowed it to move rapidly in a short period of time," Staley said. "Attackers know they have a short window of opportunity when they launch Trojan horse programs, and this shows they are finding ways to move more quickly. The lines between viruses and spam are no longer clear."

The program -- also known as Xebiz-A, Troj/Xebix-A, and Trojan.Win32.Genme-A -- is installed after e-mail recipients using Microsoft Outlook follow a URL in the message, Cupertino, Calif.-based security software giant Symantec said in an advisory. Windows 2000, 95, 98, ME, NT, Server 2003 and XP are affected.

In its advisory, Panda Software of Glendale, Calif., said the Trojan connects to a sWeb site to download another Trojan, Zerolin-A, to the affected computer.

Staley said MessageLabs received nearly 4,000 e-mail messages linked to the Trojan during a two-hour period Tuesday morning, even though up-to-date versions of Outlook and antivirus software-protected systems are immune.

"The first 24-48 hours are always the most dangerous when something new like this appears," Staley said. "Because they allow remote access, someone can install key loggers and spyware and access financial data. It underscores the need for users to update their antivirus and keep their systems patched."

Dig deeper on Email and Messaging Threats (spam, phishing, instant messaging)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close