A Trojan Horse is being spread over the internet via e-mails reporting the supposed death of Russian president Vladimir Putin.
The spam e-mails have the subject line “ATTENTION !!! President of Russia has dead”, and encourage users to click on a “news” link for more information.
Embedded in these spammed e-mails is a hidden script that exploits the well publicised ADODB.Stream vulnerability in the Internet Explorer browser to secretly download the malicious Dloadr-ZP Trojan horse from a Russian website.
The Trojan horse is designed to download further malicious code which could allow remote hackers to gain unauthorised access to the victim’s computer.
The HTML e-mails also contain a URL, which pretends to link to a BBC News report on Putin’s death.
However, the user is really directed to another Russian website purporting to be the home of a construction firm which provides heating systems for apartments and advertising training seminars.
Graham Cluley, senior technology consultant at internet security software firm Sophos, said, "It appears that whoever sent this spam is trying to discredit the Russian firm in what we call a "Joe job".
“Users may think that the spam was purely an attempt to drive traffic to the construction company's products and seminars, whereas in fact hackers are also using the opportunity to try and infect unprotected PCs."
Vote for your IT greats
Who have been the most influential people in IT in the past 40 years? The greatest organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?
Vote now at: www.computerweekly.com/ITgreats