Kaspersky Labs described the mass mailing as "unusual" because the messages attempt to spoof the email address mcafee@europe.com.
The Lafool.v infection is hidden in a Word document called 'McAfee.Inc. Reports.doc'. The file is 80,635 bytes in size, and allegedly contains a report about the propagation of malicious programs on the Internet.
However, the document actually contains a macro written in Visual Basic for Applications.
Lafool.v extracts a new modification of LdPinch, a well-known Trojan password stealing program, from itself and launches it for execution, Kaspersky Labs warned.
LdPinch steals passwords to a number of services and applications, including AOL Instant Messenger and ICQ, and other confidential user data.
Kaspersky Anti-Virus detects the new variant of this program as trojan-PSW.Win32.LdPinch.bbg.
_(23).jpg&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
