Russian computers may be susceptible to a new virus concealed in bitmap images
By Matt Whipp
Posted on 14 May 2004 at 11:54
The virus is a Trojan - named Agent - that infects computers running the Russian edition of Windows 2000 with IE 5 and 5.5 when the victim clicks on a bitmap image attached in an email.
Microsoft has yet to issue a patch for the flaw in the handling of bitmap images, according to Kaspersky - a Russian antivirus company - and the flaw has been exploited as a direct result of the leak of part of the Windows source code. The only protection is having up-to-date antivirus software. Kaspersky is concerned that this is just the first version of the virus and that subsequent versions may be far-reaching in their effects.
Denis Zenkin, Head of Corporate Communications, Kaspersky Labs, said: 'We believe the reason why this particular Trojan attacks the Russian version of Windows 2000 is because the virus-writers are in the process of debugging the Trojan code. Most probably they have the same version of operating system installed on their PCs and therefore use the default Windows components specific for the Russian version.
'At the same time it is very easy to make the Trojan multi-platform. Windows 2000 is still the most popular version of the operating system and still there are many of them equipped with MS IE 5.x.'
The emails are being spammed out, and if the attachment is launched, then it immediately connects to a remote server and downloads a further Trojan, known as Throd.
Throd allows a remote 'master' to do a number of things on the machine, including copying data, harvesting email addresses and commandeering the system to send out spam.
'Throd is obviously written for spammers,' said Eugene Kaspersky, Head of Anti-Virus Research at Kaspersky Labs, 'The Trojan harvests email addresses and creates a network of zombie machines for massive spammer attacks. Once again, we see a confirmation that spammers and virus-writers are working hand in hand.'
Kaspersky claims its antivirus software scans bitmap images for malware.
