Today we detected mass mailing of Trojan-Downloader.Win32.Small.anh in Russia

Whoever spammed this malicious program has used social engineering techniques in a clever way. The message which the malicious program is attached to seems to be a forwarded message, complete with answer. The text hints at a hot date, and attached photos – the recipient is exhorted not to show them to any one.

Of course, such a text is designed to excite the reader’s curiosity, and maximize the change of the attachment being opened. When the recipient clicks on the attachment, Trojan-Downloader.Win32.Small.anh will be launched. The downloader will then install a range of other malicious programs on the victim machine: Backdoors, Trojan-Proxies, Trojan-Droppers and Trojan-PSW.

The attachment name has been crafted so that the user only sees a .JPG extension, and not the .EXE extension which shows that the attachment is, in fact, an executable file.

And the result? The person or group sending these messages is harvesting passwords from infected computers, and gaining full access to victim machines, which can then be used as spamming platforms.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *