The Trojan horse is disguised as a message from the payment system PayPal, where the sender address is falsified as "do_not_reply@paypal.com", and the subject appears as "PAYPAL.COM NEW YEAR OFFER".
If the attachment, paypal.exe, is opened, the Trojan connects to a remote server, downloads Mimail.p and installs it onto the computer.
The worm differs from previous versions because it is compressed using UPX, which makes it more difficult for anti-virus programs to detect it. It is also extracts confidential information and sends it to anonymous addresses belonging to the worm's author.
Mimail was created in Russia and first appeared on the internet at the beginning of August 2003.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
Digital NSW 2025 Showcase
_(1).jpg&h=140&w=231&c=1&s=0)
