Security company McAfee has issued an alert about a Trojan that is insinuating itself into blogs, emails and instant messages. The Trojan, which only came to light yesterday, was reported by www.securitywatch.eweek.com to already have found its way on to hundreds of blog posts.
Known as Spam-Mespam, it works by inserting a link into blog responses inviting people to click on a link to a 'fun video'. Since the link appears to have been posted by a blogger, anyone reading the post may be fooled into thinking the author is recommending the link.
Once someone follows the link, they are taken to a site containing malware, including a rootkit that embeds itself in the PC Registry and contains keylogging software that could be used to send personal and financial details to the Trojan’s author.
As with the Bagle worm that caused extensive destruction to PCs around the world three years ago, Spam-Mespam’s code changes each time it is downloaded, making it difficult to detect and block.
McAfee Avert Labs says Spam-Mespam is a low-profile threat but has nonetheless issued an EXTRA-DAT file that can be downloaded from https://www.webimmune.net/extra/getextra.aspx to prevent infection.
Anyone who thinks they may have been hit by the Trojan can submit the file sample to www.webimmune.net for analysis by Avert Labs. As ever, PC Advisor recommends you have up-to-date antivirus software installed on your PC with automatic updates switched on.