Panda Software reports a spam message that download s a Trojan

Discussion in 'malware problems & news' started by Marianna, Apr 22, 2004.

Thread Status:
Not open for further replies.
  1. Marianna

    Marianna Spyware Fighter

    Joined:
    Apr 23, 2002
    Posts:
    1,215
    Location:
    B.C. Canada
    Virus Alerts, by Panda Software (http://www.pandasoftware.com)

    Madrid, April 22 2004 - PandaLabs has detected a spam message currently
    being sent to users which tries to get recipients to visit an advertising
    page and which also downloads a Trojan to users computers.

    The characteristics of the message are:

    From: the name of the sender is variable, although it tries to make
    recipients think it has been sent by the BBC or CNN.

    Subject: "Osama Bin Laden Captured",

    Message text: "Hey, Just got this from CNN, Osama Bin Laden has been
    captured! Goto the link below to view the pics and to download the video if
    you so wish: (Internet address) "Murderous coward he is". God bless
    America!".

    The address indicated in the message takes users to what appears to be an
    advertising page. However, the page contains code that exploits a
    vulnerability (detected by Panda antivirus as Exploit/MIE.CHM). The code
    also downloads and runs a file (detected as VBS/Psyme.C). Finally, a file
    called EXPLOIT.EXE, which contains the Trojan Trj/Small.B is downloaded from
    Internet onto users' machines.

    Panda Software advises users to treat e-mails received with caution and to
    update their antivirus software. The company has already made the updates to
    its products available to users to ensure their solutions can deal with this
    threat. Similarly, users can also detect and disinfect malicious code using
    the free, online antivirus, Panda ActiveScan, which is also available on the
    company's website at http://www.pandasoftware.com
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.