More Deceptive Spam Spreads Trojan Horse
There is a new spam campaign going around, which pretends to be a breaking news story about the death of Russian President Vladimir Putin according to Sophos.
In actuality, the spam is sent by hackers aiming to infect your machine with a trojan horse. This is certainly a concept we've seen before. Sophos provides details of the spam:
Embedded in the HTML email is a hidden script that exploits the ADODB.Stream vulnerability to secretly download the malicious Troj/Dloadr-ZP Trojan horse from a Russian website. The Trojan horse is designed to download further malicious code which could allow remote hackers to gain unauthorized access to the victim's computer.
Although the link pretends to be that of a BBC News report, the user is really directed to another Russian website purporting to be the home of a construction firm focused on providing heating systems for apartments and advertising training seminars.
» SecurityProNews - Chris Crum - 13-07-2006