Thursday, September 23, 2021

Wave of Trojans Slamming the Internet

A wave of Trojan horses, traveling through email, are slamming the

Internet.

The Trojan BagleDl-L appears to have been deliberately spammed out to

email addresses around the world, according to analysts at Sophos, Inc.,

an anti-virus and anti-spam company with U.S. headquarters in Lynnfield,

Mass. Most of the email samples seen so far include a ZIP attachment

which, if opened, tries to connect to one of a number of Websites in

order to download more malicious code.

At deadline, none of these Websites appeared to contain anything

malicious.

The malware also goes after security software on the infected computers.

BagleDl-L tries to stop various security applications, such as anti-virus

and firewall software. It renames files belonging to security

applications, so they can no longer load. It also blocks access to a

range of security-related Websites by changing the Windows HOSTS file.

”Any Trojan horse which turns off your anti-virus or firewall can open

you up to further attack, even by very old viruses,” says Graham Cluley,

senior technology consultant for Sophos. ”My advice is to keep your

anti-virus automatically updated and always be suspicious of unsolicited

email attachments.”

Ken Dunham, director of Malicious Code at iDefense, says they have

discovered five unique codes being heavily spammed into the wild. The

attack, he says, started Monday evening and is ongoing.

The malware does require user interaction, but Dunham notes that, despite

user education, it still is a highly effective method of spreading

malicious code.

”Wave attacks are becoming increasingly common,” says Dunham.

”Multiple minor variants are rapidly seeded into the wild to help the

overall success of the attack… Hackers have been testing their code

prior to the attack to ensure that certain anti-virus products do not

detect the new minor variants. Hackers have become increasingly

sophisticated and organized in what they are doing in an attempt to steal

sensitive information or gain control over many computers.”

Similar articles

Latest Articles