Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Trojan disguised as e-mail from trustworthy organisation.

MicroWorld Technologies : 13 June, 2007  (Technical Article)
Microworld Technologies is warning of a Trojan downloader embedded in an e-mail which is disguised to appear as though it comes from the trustworthy Better Business Bureau.
Better Business Bureau is an organisation committed to the cause of promoting trust and confidence on the Internet through Online Reliability and Privacy Seal programs. But an email circulating on the net in its name is definitely no good news for business houses, for it's a ploy to infect their computer networks with a Trojan Downloader, say experts at the advanced security solution provider MicroWorld Technologies.
It begins with an email purportedly coming from BBB, which talks about a fabricated complaint from a customer and shows the basic details of the dispute. The mail then tells the recipient that the instructions on how to resolve the issue and a copy of the original complaint are attached with it.

After the victim downloads the attached document, it shows another embedded file with a PDF icon, which actually is a Trojan Downloader named Win32.Agent.bpw. When the user double click on the icon, the Trojan Downloader gets activated and attempts to bring in a possibly malicious file from a predecided location by injecting itself into a hidden Internet Explorer window.

Not to evoke any suspicion after the user clicks on the PDF, it also shows a message which says Adobe Acrobat could not open the file owing to file corruptions. 'This malware mail is remarkable for its convincing legal language and some smart techniques applied in making the user not to smell a rat in the whole process,' points out Sunil Kripalani, Vice President, Global Sales and Marketing, MicroWorld Technologies.

'The email comes in a standard legal letter format and is devoid of common grammatical glitches found in Virus propagating mails. Since it carries an RTF file with an embedded PDF, some users may not suspect any foul play and the error message shown at the end of it may prompt them to take the whole incident lightly, perhaps thinking of it as a case of mistaken identity. But the Trojan would have done its job by this time,' adds the MicroWorld VP.

As an integrated security solution provider for Enterprises, MicroWorld offers a range of solutions to protect business networks from threats like these as well as a variety of other digital perils.

Its mail security solution 'MailScan' provides comprehensive protection against Viruses, Worms, Trojans, Backdoors, Spam, Phishing and many other malicious programs by blocking them all at the mail gateway. On the other hand, 'eScan' from MicroWorld acts as an AntiVirus, AntiSpam and content Security solution for servers and desktops.

Computers infected with Win32.Agent.bpw can be cleaned by downloading and running MicroWorld's free antivirus solution MWAV here.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo