New password stealing Trojan discovered

MessageLabs warns of password stealing trojan

E-mail security provider MessageLabs has discovered a new password stealing trojan, however at this stage the company is still treating it as a low-level threat.

Technical director of MessageLabs Asia Pacific, David Banes, said the trojan is an example of a hybrid attack.

MessageLabs said that it discovered the trojan, dubbed yes2k.exe, in a series of spam e-mails. The message exploits an Internet Explorer vulnerability that allows it download a script. When the script executes, it downloads a copy of yes2k.exe to the victim PC and runs it.

-The new threat clearly illustrates the convergence of spam and malicious code because the spam emails contain a link to a potentially damaging trojan," said Banes.

Banes warned organisations that anti-virus solutions alone are not good enough to protect their networks against threats such as this.

"The issue is much broader, requiring total email security. We recommend companies and governments adopt solutions that protect against all forms of email threats - viruses, spam and pornographic content," said Banes.