Hotmail and Yahoo targeted by new spam Trojan
Please support our Hardware and Software advertiser: Programming Forums
Jul 6th, 2007, 6:30 am
Romanian security developer BitDefender has issued a warning about a fast spreading Trojan dubbed Spammer.HotLan.A which is using Hotmail and Yahoo accounts to send spam. According to BitDefencer some 15,000 accounts have already been compromised and the situation is likely to get much worse over the next few days.
Viorel Canja, BitDefender Antivirus Lab chief, told DaniWeb that “it’s hard to estimate how much spam has already been sent out, but there are at least 500 new accounts being created by the Trojan every hour.”
The worrying piece of this particular puzzle is the fact that the Trojan uses automatically-generated accounts, something that suggests spammers might have found a way to bypass the Captcha system so many of us depend upon to keep spambots out of forums, email and social networking systems.
Other than that, it is pretty much the same old same old: every active copy of the Trojan accesses an account, downloads encrypted spam from a website, decrypts it and sends on to a spam mail list of email addresses from yet another website. The spam being sent is currently leading users to a pharmacy product site, but expect that to change as the Trojan morphs over the next few days and weeks. Common spammer techniques are being used in the e-mail body text including Bayesian poisoning and the old corker, a random e-mail subject.
Check with your security vendor and make sure this threat is covered in the latest signature update file.
Viorel Canja, BitDefender Antivirus Lab chief, told DaniWeb that “it’s hard to estimate how much spam has already been sent out, but there are at least 500 new accounts being created by the Trojan every hour.”
The worrying piece of this particular puzzle is the fact that the Trojan uses automatically-generated accounts, something that suggests spammers might have found a way to bypass the Captcha system so many of us depend upon to keep spambots out of forums, email and social networking systems.
Other than that, it is pretty much the same old same old: every active copy of the Trojan accesses an account, downloads encrypted spam from a website, decrypts it and sends on to a spam mail list of email addresses from yet another website. The spam being sent is currently leading users to a pharmacy product site, but expect that to change as the Trojan morphs over the next few days and weeks. Common spammer techniques are being used in the e-mail body text including Bayesian poisoning and the old corker, a random e-mail subject.
Check with your security vendor and make sure this threat is covered in the latest signature update file.
•
•
•
•
This blog entry was written by Davey Winder, staff writer aka happygeek. It has been filed under the Hardware and Software category. It has received 4,534 views, 0 comment(s), and 29 linkbacks. It was promoted to featured news status Jul 6th, 2007.
Related Blog Entries
- Microsoft Ads Enough to Make You Puke (8 Hours Ago)
- Will Moonfruit destroy Twitter? (1 Day Ago)
- Yahoo Announces 'Green' Data Center Powered by Niagara Falls (3 Days Ago)
- Neverland is Your Virtual Linux Playground (3 Days Ago)
- Pink iPhone 3GS is hot stuff (4 Days Ago)
Related Forum Threads
- Hotmail Access Trouble (Web Browsers)
- DSL Cannot Access Hotmail or Yahoo! (Networking Hardware Configuration)
- Hotmail & Yahoo Access Problem on WLAN (Networking Hardware Configuration)