Login

Username:

Password:

 
Lost Password?
Register now!


Did you know?
Password can be created from any combination of characters, letters and numbers.



Random FAQ
Can I transfer my license to another Domain Name?

Vulnerabilities & Exploits : Sophos laughs at Secure Computings' Trojan warnings
Posted by glm on 2008/12/22 18:28:01 (25 reads)





By :Iain Thomson


Mar 2, 2007 9:43 AM




Security firms have laughed off claims from Secure Computing that a new Trojan can evade traditional antivirus systems.

Secure Computing's TrustedSource labs issued an urgent alert last night that the 'Mespam' Trojan was on the loose and that ordinary antivirus software would not be able to stop it.

"This threat signifies a trend towards blog, message boards and webmail-related malware," the alert warned.

"What makes it particularly insidious is that antivirus detection from the leaders (McAfee, Symantec, Sophos, Trend Micro etc.) does not always work because Mespam uses server 'polymorphism', i.e. it is continuously 'repackaged' to make it appear different."

The Trojan was spreading after messages were spammed out urging computer users to visit mailfreepostcards.com and download a video.

Mespam is described as 'polymorphic' and TrustedSource claimed that this made it unstoppable by standard means because the signature changes constantly.

"Secure Computing's incorrect claim that Sophos could not deal with this threat gave the guys in our labs the best laugh of their day," said Graham Cluley, senior technology consultant at Sophos.

"Sophos customers had a bigger problem deciding which socks to put on this morning than they did with this malware."

Cluley said that Sophos had picked up the Trojan on 1 February and blocked it and the website it came from on 19 February.




Source from:Copyright © 2008 vnunet.com


Other articles
2009/2/4 23:20:16 - Cloud computing is a storage spot for malware
2009/2/4 23:20:15 - Microsoft responds to Windows 7 security gripe
2009/2/4 23:20:12 - Web identity hijacking on the rise
2009/2/4 23:20:12 - Google glitch puts surfers in a quandary
2009/2/4 23:20:11 - Facebook plays down privacy concerns
2009/2/4 23:20:10 - Australian Computer Society to use Sophos security solution
2009/2/4 23:20:09 - Google working on fix for clickjacking vulnerability in Chrome
2009/2/4 23:20:08 - McAfee: Malware will use web and USB sticks to spread in 2009
2009/2/4 23:20:07 - With economy in tailspin, Monster discloses major breach
2009/2/4 23:20:06 - OS X 'pirate' trojan resurfaces
2009/2/4 23:20:05 - IE 8 approaching on formal release
2009/2/4 23:20:04 - Companies warned over use of Netbooks
2009/2/4 23:20:03 - Trend Micro signs up with BigFix
2009/2/4 23:17:08 - Banks urged to change security policies
2009/2/4 23:17:08 - Heartland incident provides opportunity to standardise data breach notification laws

The comments are owned by the poster. We aren't responsible for their content.

Articles