Jul 6th, 2007, 6:30 am
Romanian security developer BitDefender has issued a warning about a fast-spreading Trojan dubbed Spammer.HotLan.A, which is using Hotmail and Yahoo accounts to send spam. According to BitDefender, some 15,000 accounts have already been compromised and the situation is likely to get much worse over the next few days.
Viorel Canja, BitDefender Antivirus Lab chief, told DaniWeb that “it’s hard to estimate how much spam has already been sent out, but there are at least 500 new accounts being created by the Trojan every hour.”
The worrying piece of this particular puzzle is the fact that the Trojan uses automatically-generated accounts, something that suggests spammers might have found a way to bypass the Captcha system so many of us depend upon to keep spambots out of forums, email and social networking systems.
Other than that, it is pretty much the same old same old: every active copy of the Trojan accesses an account, downloads encrypted spam from a website, decrypts it and sends it on to a list of email addresses taken from yet another website. The spam being sent is currently leading users to a pharmacy product site, but expect that to change as the Trojan morphs over the next few days and weeks. Common spammer techniques are being used in the e-mail body text, including Bayesian poisoning and the old corker, a random e-mail subject.
Check with your security vendor and make sure this threat is covered in the latest signature update file.
This blog entry was written by Davey Winder, staff writer aka happygeek. It has received 3,127 views, 0 comments, and 22 linkbacks. 1 voter has rated this entry 5 out of 5 stars. It was promoted to featured status Jul 6th, 2007.