New Trojans out 'phishing'

By Tracy Burrows, ITWeb contributor.
Johannesburg, 19 Jan 2004

Anti-virus software vendors warn that two more Mimail-type Trojans are spreading through cyberspace - and they are actively 'phishing' for victims' bank account details.

Netxactics, local distributor for Sophos anti-virus, says it has received several reports of a new Trojan that resembles Mimail, called Mmdload (Troj/Mmdload-A).

Mmdload is the latest piece of malware attempting to dupe users into disclosing their bank account details. It arrives as a zipped attachment in an e-mail that carries the same subject line and text used by the recent Mimail-N worm. The message offers recipients the chance to win money, which will be transferred to their bank accounts if they fill in a form asking for personal financial details.

Once the attachment is unzipped and its file, PAYPAL.exe, is launched, the Trojan attempts to contact a Russian Web site, www.aquarium-fish.ru, to download a copy of Mimail-N, giving the worm a new lease of life by enabling it to bypass e-mail gateway protection. This is the same Web site to which the Mimail-N worm attempts to send the completed PayPal forms.

"This is the latest Trojan 'phishing' for personal financial data," says Brett Myroff, CEO of Netxactics. "The malicious coders know that not everyone who receives the e-mail will be a PayPal customer, but similar to the mindset of spammers, if only a few people fall for the ruse, there is an opportunity to drain bank accounts."

Security software maker Kaspersky Labs says it has detected a mass mailing of a Trojan program "small.cz" which downloads a new Mimail variant, Mimail.p, from a remote server.

Kaspersky Labs says the Trojan is sent in the guise of a message from the payment system PayPal. The sender's address is falsified as "do_not_reply@paypal.com", the message topic appears as "PAYPAL.COM NEW YEAR OFFER", and the attachment is named paypal.exe. When run, the Trojan in the file connects to a remote server, downloads Mimail.p and installs it in the system.

The new modification of the worm differs from previous versions only by the fact that it is compressed using UPX, which Kaspersky Labs reports makes it more difficult for some anti-virus programs to detect Mimail.p.

Virus attacks cost businesses an estimated $55 billion in damages last year, according to anti-virus software maker Trend Micro. In a report released last week, the firm said companies lost roughly $13 billion due to attacks in 2001 and around $20 billion in 2002.
