
Once executed the file installs spyware onto the user's computer, which hackers can use to steal passwords, credit card details and other sensitive personal information.
Moreover, if a recipient runs the trojan it connects to a remote server and infects the PC with another set of code.
The worm is thought to originate in Asia, probably South Korea, where the first compromised computers appeared, according to security professionals at Websense.
The number of victims is unconfirmed and experts continue to investigate the problem.
Earlier this week, MessageLabs analysts predicted that there will be an upsurge in VoIP hacking attacks as more businesses implement the technology next year.