Cute.exe Trojan horse attacks through e-mail


Cute.exe Trojan horse attacks through e-mail

Network Associates' and Symantec have warned computer users to beware of an e-mail worm that could allow attackers to take over their machines and try to damage firewall and security programs.

Users should look out for an e-mail message with a subject line: "Thoughts..."

Inside, a short note reads: "I just found this program, and, i dont know why... but it reminded me of you. check it out." Inside the message is an attachment called Cute.exe.

Symantec and said the package unleashes a Trojan horse worm that will look for security programs inside a user's machine and attack them. Both companies have labelled the worm a "low" risk and offer instructions on their Web sites on how to remove it.

Symantec and McAfee describe the Trojan as a variant of the "Backdoor.Subseven" Trojan horse. Symantec named the Trojan W32.Tendoolf, while McAfee dubbed it W32/Floodnet@MM.

The program will also allow attackers to do the following:
  • Send instant messages from an infected machine using either MSN Messenger or AOL Instant Messenger

  • Send e-mail

  • Initiate denial-of-service attacks

  • Access, move, copy or delete files

  • Access, move, copy or delete file transfer protocol files

The program will copy itself to the Windows directory and create two registry keys,'s statement said. Two INI keys are also created, then the worm looks for E security programs - including antivirus and firewall programs - in memory and terminates them if found.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy