Trojan Horse Mass-Mailed To Many Internet Users, Sophos Warns Of Malware

Menace Experts at Sophos have warned users to be wary of unsolicited emails claiming to contain photographs, after a Trojan horse was spammed to internet users. Many companies have reported sighting the Trojan horse at their email gateways. The Troj/BagleDl-A Trojan horse has been distributed in an email with the following characteristics: Subject: foto Message body: foto Attached file: foto.zip or fotos.zip If the user opens the attached zip file, and launches the HTML file contained within, the Trojan will attempt to download a malicious program from one of more than 130 separate websites, many based in Eastern Europe every six hours. “Whoever is behind this Trojan horse is trying to increase the harm they cause by using a wide variety of different websites to spread their code, and by telling infected computers to download an updated payload every six hours,” said Graham Cluley, senior technology consultant for Sophos. “This makes it harder to shut down every website under his or her control, and means the malware code can be easily and regularly updated. The mass distribution of this Trojan horse is a seeding for further attacks.” “All computer users should ensure their anti-virus protection is up-to-date and able to counter this latest menace,” continued Cluley. “Everyone should be wary of launching unsolicited email attachments and ensure their PCs are properly defended.” The BagleDl-A Trojan horse appears to be from the same author as the Bagle worm which struck thousands of unprotected computer users earlier this year. More information about Troj/BagleDl-A can be found at: