Surge in password-protected malware
By Guy Matthews,
There has been a surge in viruses sent in the form of an apparently trustworthy password-protected zip file attachment, security experts are warning.
Messaging security specialist Email Systems says more virus writers than ever before are delivering their malicious code as either an encrypted or password-protected email, causing even the security-savvy to fall victim unwittingly.
The first viruses hidden in supposedly safe zip attachments were identified six months ago, said Greg Miller, marketing director at Email Systems. He said the situation has worsened considerably in recent weeks with a significant increase in the number of such mails being propagated.
"This is another step change in the tactics of the virus industry," said Millar. "We've seen a drop off in viruses delivered by email in the last year or so. Now there's obviously been another fluctuation in what virus writers are up to. They are getting even cleverer, and hiding the viruses a little bit deeper."
The latest crop of virus-laden attachments are all the more convincing for appearing to have come through the IT manager's system of protection, said Miller. "People think if it has got through, it's safe to open," he said.
"This is a clever bit of code that exploits the trusting."
The new batch of virus laden emails typically contain the Trojan.Peacomm virus, also known as the Storm Trojan, which is around 77Kb in size and usually contained within either an encrypted email or a password-protected zip attachment to an email.
The emails sometimes contain a security warning, supposedly offering to protect the user from a threat. The phrase ATTN! is frequently prominent within the subject line of such emails, which also sometimes proclaim 'Worm Detected!', 'Virus Detected!', 'Spyware Alert!' or 'Warning!'
On receipt of such an email, users are prompted with a password and thereby are unwittingly able to release the virus on their machine. On release, the Storm Trojan virus is designed to retrieve additional malicious code from the internet.
"The huge rise in spam levels we saw before Christmas was about swamping people with sheer volume, hoping to catch them out that way," said Millar. "This is another change in an ever shifting range of methods."
During the last few weeks, he says, Email Systems has quarantined hundreds of thousands of such emails - a major increase from the tens of thousands witnessed last year.
advertisement
Latest Security Features
How to be a successful online fraudster
Ever wanted to know how easy it is to be an identity thief and earn a fortune? IT PRO reveals all…
- What you need to know about ID cards
- Lessons to learn from a year of data breaches
- Q&A: DNS inventor Paul Mockapetris
- Is the password ill-equipped for the modern world?
- Why is backing up given short shrift?
- Defending Europe against cyber attack
- The present and future of IT security
- I’m an IT manager, get me out of here!
- IT around the world: Russia
Latest Security Reviews
Fortinet FortiGate-3810A
Rating: 
- Clearswift MIMEsweeper Web Appliance ENW
- NetASQ U6000 UTM appliance
- AVG Internet Security SBS Edition 8.0
- Finjan Vital Security Web Appliance NG-6000S
- LogLogic MX2010
- Exclusive: WatchGuard Firebox Core X750e
- Sophos ES4000 Security Appliance
- Microsoft Forefront Security for Exchange and SharePoint
- EXCLUSIVE: Juniper Networks SSG 550 UTM appliance
advertisement
Latest News Videos in Security
Video: Eugene Kaspersky outlines security threats
PlayIT PRO speaks to Eugene Kaspersky, chief executive and founder of Kaspersky Lab.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?