Macro Virus Deceive Users With Infected Word Document
MicroWorld Technologies, an IT security solution firm, advised computer users to be cautious while receiving MS Word files from anonymous senders, or while downloading the files from dubious sites. The reason being that the files might be corrupted with MSWord.Lafool.v Trojan.
The firm reported that the Trojan is a macro, which exploits Microsoft Word's programming language to spread infection. Macro trojans normally do not stop programs from operating, rather aims templates and documents. But MSWord.Lafool.v Trojan has different working system; it acts as a 'Trojan Dropper', which submits an 'Information Stealing Trojan' called PSW.LdPinch.bbg.
Manoj Mansukhani, Head, Technology and Marketing, MicroWorld Technologies, said "users have to view this variant along with the latest surge in 'Trojan Droppers', which exploited susceptibilities in MS Office including MS Word's flaws. It may be interesting to observe that most of these malware proliferate with the aid of susceptibility exploits, are password-thieving Trojans.
PSW.LdPinch.bbg is an information assembling Trojan with Backdoor abilities. It can thieve secret information like MS wallet passwords, FTP user names and passwords, networking information, mail-setting details, RAS dial-up settings and much more. Govind Rammurthy, CEO, MicroWorld Technologies, stated that an intruder can effectively employ this tool to penetrate and spy on an organization to steal the confidential details.
Ramamurthy added that knowledge is, literally and figuratively, money. Loss of credit card details is as bad as loss of loaded wallet in daylight. The loss of intellectual property and knowledge base of an organization is damage beyond repair.
Kaspersky, too, has reported about a mass mailing comprising a Word document infected with MSWord.Lafool.v Trojan. The document has been named as "McAfee Inc. Reports.doc" and allegedly it contains a report on malicious program propagation on Internet. This mass mailing attack is quite unusual as the messages seems to be sent from firstname.lastname@example.org and reportedly originated from the anti-virus firm, McAfee.
Experts insist users to update the anti-virus programs and thoroughly scan all the Word documents, which have been received through e-mail or taken from the Web.
Related article: Major Predictions of Malware Attacks
» SPAMfighter News - 09-11-2006