Another Trojan on the attack

A new password-stealing worm that uses social-engineering tactics has been intercepted by antivirus firms

Antivirus companies said they intercepted several copies of a new password-stealing Trojan over the weekend.

The new spammed multi-stage Trojan downloader uses an exploit to download and execute an encoded visual basic script from a Web site. The Trojan then creates an executable file which appears to download a malicious program from the same Web site as the original script.

Email security services provider MessageLabs said early indications were the new virus was similar to previous attacks, whereby criminals have used Trojans to install key loggers and password stealers. According to MessageLabs, the name of the Trojan at the time of writing is unknown.

MessageLabs' technical director, David Banes said the company had to date only detected just over 4,000 affected machines globally. In true social-engineering fashion, the Trojan comes with subject phrases such as "about the thing we talked last week.." or "here is it.. like you asked for me 2 days ago" and "whats wrong with you ? why you dont answer to my emails?"

Banes said machines which were not regularly updated are more susceptible to the new Trojan.

For more coverage on ZDNet Australia, click here.