
Low-risk Lorac loose

By Martin Czernowalow, Contributor.
Johannesburg, 13 May 2005

A backdoor Trojan, which arrives through spam mail, has been dismissed by experts as a low-risk, low-distribution virus. It resurfaced in South African mailboxes this week.

Justin Stanford, from information company 4DDS, says the W32.Lorac virus, first discovered in August 2003, is a share worm with backdoor and password-stealing capabilities.

"The worm arrives in a spam mail, which contains an html file. The file exploits a Microsoft Internet Explorer vulnerability to drop the worm. It is not very widespread at all - it is considered low-risk with low distribution," Stanford explains.

A Trojan is typically a malicious, security-breaking program that is disguised as something benign. W32.Lorac arrives through e-mail, usually with the subject line "Photo" or "Image".

The virus can perform various backdoor activities based on the file downloaded. These include uploading files, executing programs, copying, deleting and finding files, and retrieving system information. Infections could lead to consumption of resources, privacy leakage and loss of control of the PC to a third party.

Stanford says the end-user might notice a slowing down of Internet connectivity, as the virus will attempt to spread via e-mail and shared networks.
