Sophos Warns Of New Trojan 'Phishing' For Cash
Posted on 19.01.2004
Sophos, a world leader in anti-virus and anti-spam protection for businesses, warns of a new Trojan called Mmdload (Troj/Mmdload-A) which is the latest piece of malware attempting to dupe users into disclosing their bank account details. Sophos has received several reports of this Trojan circulating in the wild which hints that the email message may have been spammed out.

Mmdload arrives as a zipped attachment in an email which carries exactly the same subject line and text used by the recent Mimail-N worm. The message offers recipients the chance to win some cash, which will be placed directly in their bank accounts, as long as they fill in the form asking for personal financial details.

Once the attachment is unzipped and its file, PAYPAL.exe, is launched, the Trojan attempts to contact a Russian website, www.aquarium-fish.ru, to download a copy of Mimail-N giving it a new lease of life by enabling it to bypass email gateway protection. This is the same website to which Mimail-N worm attempts to send the completed PayPal forms.

"This is the latest Trojan 'phishing' for personal financial data," said Carole Theriault, security consultant at Sophos. "The malicious coders know that not everyone who receives the email will be a PayPal customer, but similar to the mindset of spammers, if only a few people fall for the ruse, there is an opportunity to drain bank accounts."

As well as desktop anti-virus protection, Sophos recommends that companies consider blocking all programs at the email gateway. It is rarely necessary to allow users to receive programs via email from the outside world. There is so little to lose, and so much to gain simply by blocking all emailed programs, regardless of whether they contain viruses or not.

"Best practice for business should include automatic blocking of all executable code at the email gateway," continued Theriault. "Reputable companies do not send out files in this way, and users should think twice before they click on unsolicited email messages."





Spotlight

New Zeus variant targets users of 150 banks

Posted on 19 December 2014.  |  A new variant of the infamous Zeus banking and information-stealing Trojan has been created to target the users of over 150 different banks and 20 payment systems in 15 countries, including the UK, the US, Russia, Spain and Japan.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Mon, Dec 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //