Alanchum.VL Trojan-Laden Spam Downloads Yet Another Trojan Cimuz.BE
PandaLabs has identified a new surge of spam that carries Alanchum.VL Trojan. This new malicious code works to download various kinds of malware onto affected PCs. In the recent spamming event, Alanchum.VL comprised of 62% of all malware detections reported to PandaLabs every hour. Help Net Security published this as news on May 9, 2007.
Spam e-mails containing trojans are at a drastically high level. Phishers are getting more sophisticated with their techniques. And, hackers are always with new methods to penetrate defenses in order to inject malicious code and Trojans.
The Alanchum.VL-laden spam mails have title heads that lure users into clicking on the attachments. Since the malware can't spread automatically, such social engineering techniques are used to spread the Trojan, explains Luis Corrons, technical director of PandaLabs, as published by Help Net Security on May 9, 2007.
Alanchum.VL is particularly dangerous because it downloads yet another malware 'Cimuz.BE Trojan'. This variant then watches users' website activities, so that it can grab the data users enter on the web pages.
Alanchum.VL displays on the affected computer in the form of a Word file icon. The Trojan downloads other malicious items apart from Cimuz.BE. It modifies Windows registry, so that the Trojan runs every time the system starts up.
Trojans have been in the forefront in all fresh malware samples. The shift to trojans is because they are discreet tools to steal users' private data. They even help to remotely commandeer computers much to the desire of hackers today, Corrons said. Sys-con published this as news in early May this year.
Another batch of e-mails carrying Trojan virus has been arriving in the last two weeks. This Trojan virus is the Trojan.Peacomm, also called the Storm worm. It occupies space of about 77 KB, which comes in either an encrypted e-mail or in password-protected zip attachment.
Spam mails containing such trojans sometimes show a security warning pretending to protect the recipient from a supposed threat. The subject head often contains the word ATTN! Proclaiming "Virus Detected!" "Worm Detected!" "Spyware Alert!" or "Warning!"
» SPAMfighter News - 18-05-2007