Anti-virus experts at Sophos are warning users to be wary of unsolicited emails claiming to contain photographs, after a Trojan horse was spammed to Internet users yesterday.

Many companies have reported sighting the Trojan horse at their email gateways. The Troj/BagleDl-A Trojan horse has been distributed in an email with the following characteristics:

• Subject: foto
• Message body: foto
• Attached file: foto.zip or fotos.zip


If the user opens the attached zip file, and launches the HTML file contained within, the Trojan will attempt to download a malicious program from one of more than 130 separate web sites, many based in Eastern Europe, every six hours.

Graham Cluley, Senior Technology Consultant for Sophos said,

"Whoever is behind this Trojan horse is trying to increase the harm they cause by using a wide variety of different web sites to spread their code, and by telling infected computers to download an updated payload every six hours. This makes it harder to shut down every web site under his or her control, and means the malware code can be easily and regularly updated. The mass distribution of this Trojan horse is a seeding for further attacks. All computer users should ensure their anti-virus protection is up-to-date and able to counter this latest menace. Everyone should be wary of launching unsolicited email attachments and ensure their PCs are properly defended.

Just because you are running the latest version of Windows XP you shouldn't think you are necessarily protected from this Trojan. If you launch it on a PC running Windows XP SP2 it can turn off your firewall opening the door to hackers and other Internet attacks."

The BagleDl-A Trojan horse appears to be from the same author as the Bagle worm which struck thousands of unprotected computer users earlier this year.

As ever, we recommend you keep your anti-virus software up to date at all times.


Source : I.T.Vibe

Yes as it seems using an antivirus software is a must, i am using so many software, firewall, anti-spyware, doh, nothing is safe nowdays

(in reply to SiliconFreak)

Now You are talking emperor...it sure is a must...good reliable antivirus + firewall + antispyware&adware + maybe some popup blocker + + + ...never enough huh? I was just thinking...that software + hardware makers maybe should get together to develop one unique program to include all those features and put them in some box with at least some P4-2.8Ghz inside...and then connect this "security" box (computer) between our current computer and router...so that our personal computers that we work on wont be spending up to 50% just for running all those security programs... What do You think?

(in reply to emperor)

A hardware box protection could be another idea, filter packets before reach our PC...

(in reply to SiliconFreak)