p2pnet.net News:- Vxers are using the London terror bombings to spread a Windows email virus disguised as a newsletter from CNN.

The virus is travelling in an e-mail which bears the subject line: `TERROR HITS LONDON` and comes from a spoofed e-mail address, says the BBC.

The message tells those receiving it to click the attached file which claims to show amateur video footage shot in the London Underground immediately after one of the bombs went off, says the story, going on:

A file called `London terror moovie.avi` is attached to the malicious e-mail,” says the BBC. “Hidden after a long series of blank spaces is the real title of the file that is attached.”

An attempt has been made to make it look harmless by saying it’s been, “Checked by Norton Antivirus.exe”.

When executed, “the attachment copies itself to %Windir%winlog.exe and modifies the Windows registry key `HKLM/Software/microsoft/Windows/CurrentVersion/Run` so that it runs automatically on system start-up,” says spamfo.co.uk.

The as yet unnamed Trojan then tries to turn the infected computer into a zombie machine by obtaining a list of SMTP servers victims’ machines are configured to use, “and starts to use these servers to send large volumes of unsolicited mail,” adds the story.

Something you think we should know? tips[at]p2pnet.net

See:-
BBC – Virus exploits London Tube bombs, July 11, 2005
spamfo.co.uk – New Email Virus Poses As London Terrorist Attack News Footage, July 8, 2005

This entry was posted on Monday, July 11th, 2005 at 3:27 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 2407 times