Sophos Warns Of New Trojan 'Phishing' For Cash
Posted on 19.01.2004
Sophos, a world leader in anti-virus and anti-spam protection for businesses, warns of a new Trojan called Mmdload (Troj/Mmdload-A) which is the latest piece of malware attempting to dupe users into disclosing their bank account details. Sophos has received several reports of this Trojan circulating in the wild which hints that the email message may have been spammed out.

Mmdload arrives as a zipped attachment in an email which carries exactly the same subject line and text used by the recent Mimail-N worm. The message offers recipients the chance to win some cash, which will be placed directly in their bank accounts, as long as they fill in the form asking for personal financial details.

Once the attachment is unzipped and its file, PAYPAL.exe, is launched, the Trojan attempts to contact a Russian website, www.aquarium-fish.ru, to download a copy of Mimail-N giving it a new lease of life by enabling it to bypass email gateway protection. This is the same website to which Mimail-N worm attempts to send the completed PayPal forms.

"This is the latest Trojan 'phishing' for personal financial data," said Carole Theriault, security consultant at Sophos. "The malicious coders know that not everyone who receives the email will be a PayPal customer, but similar to the mindset of spammers, if only a few people fall for the ruse, there is an opportunity to drain bank accounts."

As well as desktop anti-virus protection, Sophos recommends that companies consider blocking all programs at the email gateway. It is rarely necessary to allow users to receive programs via email from the outside world. There is so little to lose, and so much to gain simply by blocking all emailed programs, regardless of whether they contain viruses or not.

"Best practice for business should include automatic blocking of all executable code at the email gateway," continued Theriault. "Reputable companies do not send out files in this way, and users should think twice before they click on unsolicited email messages."





Spotlight

Almost 1 in 10 Android apps are now malware

Posted on 28 July 2014.  |  Cheetah Mobile Threat Research Labs analyzed trends in mobile viruses for Q1 and Q2 of 2014. Pulling 24.4 million sample files they found that 2.2 million files had viruses. This is a 153% increase from the number of infected files in 2013.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Jul 28th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //