TechTarget

Screensaver hides Trojan, says Sophos

Security software firm Sophos says a screensaver now being spread via an email spam campaign actually installs two rootkits and a Trojan horse on Windows PCs.

Security software firm Sophos says a screensaver now being spread via an email spam campaign actually installs...

two rootkits and a Trojan horse on Windows PCs.

The e-mails suggest the user has received a screensaver from a friend and tells them to open an attachment called bsaver.zip.

Sophos said the spam reads "Good morning/evening, man! Realy cool screensaver in your attachment!", while the e-mails' subject lines read:

• Life is beautiful

• Life will be better

• Good summer

• Help you

Sophos said clicking on the file contained inside the Zip attachment infects users with the Agent-FZB Trojan horse, which drops two rootkits to disguise it from security software.

"Rootkits are frequently deployed by hackers to hide other software and processes and use advanced stealth techniques," said Sophos' Graham Cluley.

"Hackers use rootkit technology to maintain access to a compromised computer without the user's knowledge, so it is important to be properly defended against this sort of threat."

Sophos is offering a free download of its Anti-Rootkit program.

File infectors top malware charts >>

Web is biggest threat, says Sophos >>

Comment on this article: computer.weekly@rbi.co.uk

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close