Bad Trojan comes in the guise of Better Business Bureau mail
Better Business Bureau is an organization committed to the cause of promoting trust and confidence on the Internet through Online Reliability and Privacy Seal programs. But an email circulating on the net in its name is definitely no good news for business houses, for it’s a ploy to infect their computer networks with a Trojan Downloader, say experts at the advanced security solution provider MicroWorld Technologies.
It begins with an email purportedly coming from BBB, which talks about a fabricated complaint from a customer and shows the basic details of the dispute. The mail then tells the recipient that the instructions on how to resolve the issue and a copy of the original complaint are attached with it.
After the victim downloads the attached document, it shows another embedded file with a PDF icon, which actually is a Trojan Downloader named Win32.Agent.bpw. When the user double click on the icon, the Trojan Downloader gets activated and attempts to bring in a possibly malicious file from a predecided location by injecting itself into a hidden Internet Explorer window.
Not to evoke any suspicion after the user clicks on the PDF, it also shows a message which says Adobe Acrobat could not open the file owing to file corruptions. “This malware mail is remarkable for its convincing legal language and some smart techniques applied in making the user not to smell a rat in the whole process,” points out Sunil Kripalani, Vice President, Global Sales and Marketing, MicroWorld Technologies.
“The email comes in a standard legal letter format and is devoid of common grammatical glitches found in Virus propagating mails. Since it carries an RTF file with an embedded PDF, some users may not suspect any foul play and the error message shown at the end of it may prompt them to take the whole incident lightly, perhaps thinking of it as a case of mistaken identity. But the Trojan would have done its job by this time,” adds the MicroWorld VP.
As an integrated security solution provider for Enterprises, MicroWorld offers a range of solutions to protect business networks from threats like these as well as a variety of other digital perils.
Its mail security solution “MailScan’ provides comprehensive protection against Viruses, Worms , Trojans, Backdoors, Spam, Phishing and many other malicious programs by blocking them all at the mail gateway. On the other hand, “eScan’ from MicroWorld acts as an AntiVirus, AntiSpam and content Security solution for servers and desktops.