The Kama Sutra virus has been named as one the largest threats of recent months.
In Cyberoam's 2010 internet threats trend report for Q4, the Trojan downloader associated with a Kama Sutra presentation titillated recipients into downloading a PowerPoint presentation of sexual positions, but left their PCs infected with a malicious code that opened a backdoor to viruses.
Abhilash Sonwane, VP of product management at Cyberoam, said: “It is one of the most dangerous attacks in recent times because once the virus infects your computer, it can be very difficult to remove it. Hackers would be then able to access all your personal files, execute any number of unwanted tasks and spy on your online activities.
“Our advice is be careful on what you click and do not download any file from unreliable sources. Also, keep your anti-virus program up-to-date and enabled in real-time protection mode.”
Graham Cluley, senior technology consultant at Sophos, warned of the threat last week, claiming that many hearts would race at the sight of a file called 'Real kamasutra.pps.exe'. He said that the PowerPoint slide deck (which ironically is itself ‘clean' from the malware point of view) is dropped onto your Windows PC as a decoy while malware silently installs onto your computer as AdobeUpdater.exe, alongside some other components (called jqa.exe and acrobat.exe).
“Because of this, when you click on the file you do get to see a real PowerPoint presentation, but in the background a backdoor Trojan called Troj/Bckdr-RFM is installed which allows hackers to gain remote access to your computer,” he said.
“Once they have broken into your computer, they can use it to relay spam around the world, steal your identity, spy on your activities, install revenue-generating adware or launch denial-of-service attacks.”
This article originally appeared at scmagazineuk.com
Copyright © SC Magazine, US edition
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.