IT security firm Sophos has warned computer users of a Trojan horse that has been spammed out in emails claiming to be a notification that an Apple iPod has been shipped to the recipient and that their account has been charged almost 500 US dollars.
Sophos has received reports of the Dowdec-A Trojan horse, which arrives in a message claiming to be related to the purchase of an Apple iPod. The emails claim that the popular music player is being shipped via FedEx and that a payment of 479.95 US dollars has been received from the recipient’s e-gold account.
The malicious emails have the subject line ‘Track your order’.
The message body reads as follows:
‘Please read the following message carefully.
We notify that your order was approved and shipped to you via FedEx 2Day Service, track 792531968828.
The amount of $479.95 USD was recieved from your e-gold account.
The details of transaction and specification of chosen product we send you in self-extracting compressed-zip file.
Read it carefully to make sure that there’s no mistakes in characteristics of chosen product.
We appreciate your choice!
According to the rules, refund must be based on your original method of payment. Any requests to refund using e-gold are not accepted, if the payment method was credit card.
IPod For Your, Yahoo Shopping.’
Attached to the emails is a file called OrderInf.zip, which unpacks to OrderInfo.exe. Executing this file infects the user’s computer with a Trojan horse that attempts to download further malicious code from the internet. The Trojan only works on Windows computers, and cannot infect Apple Macs.