New password stealing Trojan discovered

New password stealing Trojan discovered

Summary: MessageLabs warns of password stealing trojan

E-mail security provider MessageLabs has discovered a new password stealing trojan, however at this stage the company is still treating it as a low-level threat.

Technical director of MessageLabs Asia Pacific, David Banes, said the trojan is an example of a hybrid attack.

MessageLabs said that it discovered the trojan, dubbed yes2k.exe, in a series of spam e-mails. The message exploits an Internet Explorer vulnerability that allows it download a script. When the script executes, it downloads a copy of yes2k.exe to the victim PC and runs it.

-The new threat clearly illustrates the convergence of spam and malicious code because the spam emails contain a link to a potentially damaging trojan," said Banes.

Banes warned organisations that anti-virus solutions alone are not good enough to protect their networks against threats such as this.

"The issue is much broader, requiring total email security. We recommend companies and governments adopt solutions that protect against all forms of email threats - viruses, spam and pornographic content," said Banes.

Topics: Collaboration, Malware, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


1 comment
Log in or register to join the discussion
  • Hey

    Sup Ma Name Is Ray BAss.An I Wanna Learn How To Hack Into peoplez Yahoo I.Ds..Will Ya Guys Help Out A Homie R Whut?