Posted on 01/21/2005 10:50:14 PM PST by Inkagnitow
Getting headline news sent via e-mail is a common activity that a new worm in the wild is hoping to take advantage of. Security firm Sophos this week reported the discovery of a worm that takes headlines from the CNN Web site and attempts to install a Trojan on the recipient's PC.
Sophos has called the worm Crowt-A(W32/Crowt-A). In addition to taking the subject from the CNN news site, it also takes message text, which further helps create the facade of legitimacy. As with many worms, the malicious code is contained in an attachment that is used to deploy its payload.
In the case of Crowt-A that payload is a Trojan keylogger that logs and then sends the user's keystrokes to a remote address. The Trojan also provides a backdoor allowing an attacker remote access to the infected machine.
The worm propagates by its own e-mail engine to addresses found in the Windows address book or even the Windows internet cache folder. The forged headers that the worm creates, however, make it appear as though the e-mail was sent via Microsoft Outlook Express.
"Virus writers are always looking for new tricks to entice innocent computer users into running their malicious code; this latest ploy feeds on people's desire for the latest news," said Carole Theriault, security consultant at Sophos, in a statement. "Many people subscribe to legitimate e-mail news updates, but the message is simple -- businesses need to make sure their anti-virus detection is constantly updated, and users need to be suspicious of all unsolicited e-mail whether it's promising celebrity pictures or news updates."
They should have named the trojan W32/AaronBrown.A
Just renewed my Norton 2005 antivirus. Not that I'd go on CNN website anyway.
Thanks for the info..I have to disable Norton to even get to CNN..I over modified and ad to block it...( No computer genius here..LOL)
tech ping
Here's the link:
http://www.internetnews.com/security/article.php/3462851
*********************************************
Feeling the Need for RSS Feeds
Feeling the Need for RSS Feeds
Experts say Really Simple Syndication (RSS) will provide respite from the spam nightmare, offering new ways to publish and access content online. Can this format change the rules?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.