Security news
Security news26 January 2004
Dumaru worm poses as photo but steals online banking details. Sophos comments
 |
| Users should be wary of clicking on unsolicited attachments |
Sophos technical support has advised customers about a new worm which poses as an emailed photograph, whilst really attempting to steal online banking details in the background.
The W32/Dumaru-Y worm arrives in an email with the following characteristics:
From: "Elene" FUCKENSUICIDE@HOTMAIL.COM
Subject: Important message for you. Read it immediately !
Message body:
Hi!
Here is my photo, that you asked for yesterday
Attached file: myphoto.zip
If the file inside the attached zip file is launched the worm will be activated, capturing keystrokes during online banking sessions which could include passwords and financial account information.
The Dumaru-Y worm contains its SMTP engine and attempts to collect email addresses to send itself to by searching the user's hard drive.
"All computer users should think carefully before opening an unsolicited email attachment as it may be a malicious attempt to drain your bank account," said Graham Cluley, senior technology consultant for Sophos. "Users should ensure their anti-virus is automatically updated, and ask their ISP or employer to block unwanted executable code before it reaches the desktop."
Sophos's email protection solutions provide an effective way to prevent unwanted viruses and spam arriving via email.
Do you know how many employees are running virtualisation software on their PCs?
