New Worm Poses As Breaking News Headlines

New Worm Poses As Breaking News Headlines
Crowt-A (W32/Crowt-A) takes its subject lines, message content and attachment names from headlines gathered in real-time from the CNN website. It attempts to send itself by email to addresses found on infected computers.





Crowt-A's subject line and attachment share the same name, but continuously change to mirror the front-page headline on the CNN news site. The message text is also lifted from CNN's site, duping the recipient into thinking that they are reading a bonafide newsletter rather than receiving an infected email.

Crowt-A also installs a backdoor Trojan function. This attempts to log keystrokes on infected PCs and sends gathered data to a remote user. These Trojans are often used by hackers to gain unauthorised control of PCs and to steal personal information such as bank passwords.

Although only a small number of instances of the worm have been sighted so far, Sophos recommends companies protect their computers with a consolidated solution to thwart the virus and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.

Source: press release

See also:

Bored Computer Virus Offers to Play a Musical Tune

Sophos Anti-Virus Receives 26th Virus Bulletin 100% Award

Top Ten Viruses & Hoaxes Reported To Sophos In September 2004





Permalink: New Worm Poses As Breaking News Headlines
Posted 01/21/05 | Filed under: Security | AddThis Social Bookmark Button


Technorati tags: , , , , , , ,