Two waves of spam were launched this week to send out new variants of the Bagle Trojan horse, antivirus company Sophos said.
All versions of the Bagle DI-U Trojan try to turn off antivirus and security software, and to block access to security Web sites, in an attempt to strip away a PC's immune system, enabling hackers to gain access, Sophos said in a statement Wednesday.
There are strong similarities between the two waves of spammed messages bearing the Trojan, according to Sophos. In both, the subject line is blank, the body message text is "new price," and the malicious file attached could be identified with names such as "09_price.zip," "price_new.zip," and "price2.zip."
Sophos advised taking the usual precautions against such attacks. "All computer users must avoid opening unsolicited e-mail attachments and ensure that their antivirus protection is up-to-date," Carole Theriault, a senior security consultant at the antivirus company, said in a statement.
Theriault said corporate Internet users should also consider blocking all executable code from entering their networks via e-mail.
CNET News.com's Joris Evers contributed to this report.