Kaspersky Labs described the mass mailing as "unusual" because the messages attempt to spoof the email address mcafee@europe.com.
The Lafool.v infection is hidden in a Word document called 'McAfee Inc. Reports.doc'. The file is 80,635 bytes in size, and allegedly contains a report about the propagation of malicious programs on the internet.
However, the document actually contains a macro written in Visual Basic for Applications.
Lafool.v extracts a new modification of LdPinch, a well-known Trojan password stealing program, from itself and launches it for execution, Kaspersky Labs warned.
LdPinch steals passwords to a number of services and applications, including AOL Instant Messenger and ICQ, and other confidential user data.
Kaspersky Anti-Virus detects the new variant of this program as Trojan-PSW.Win32.LdPinch.bbg.
Malicious Trojan poses as McAfee alert
By
Robert Jaques
on Nov 7, 2006 10:04AM
Security experts have intercepted a mass mailing purporting to come from McAfee, but which actually spreads a Trojan horse.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Partner Content
Digital inefficiency continues to hinder productivity
Partner Content
Why your organisation's perimeter cybersecurity model is outdated
Promoted Content
COVID has sped up 'data gravity': how can IT leaders respond?
Promoted Content
Why educators should partner rather than compete with EdTech
Sponsored Whitepapers
How Security as Code changes development and deployment for the cloud
Tackle new ITSM priorities with this seven-step Micro Focus guide
Tomago Aluminium improves SAP environment performance, security with Red Hat and IBM
Future of work: Support your distributed HR workforce with digital document processes
Develop a resiliency strategy that integrates risk analysis & continuity management
