New Trojan horse may go mainstream

A new variety of Trojan horse virus that broadcasts victims' files on the Internet is making its way into the mainstream, antivirus vendors warn.

The new strain uses e-mail systems for self-perpetuation, but differs from similar viruses in its ability to broadcast the information from a victim's hard drive to Internet Relay Chat (IRC) channels around the world.

A Trojan horse is an apparently useful program containing hidden functions that can exploit the privileges of the user with a resulting security threat.

Trojan horse viruses rely on users to install them, or they can be installed by intruders who have gained unauthorised access by other means, such as double-clicking on an attachment in e-mail or the downloading of an apparently harmless program from the Internet.

Information technology managers should be concerned, as Trojan programs sent via e-mail allow much easier remote access to a company than by breaking down a firewall.

Although there have been no reported outbreaks in Australia, Eric Halil, operational manager at AusCert advises vigilance.

"If a user is tricked into installing an IRC initialisation file, it is possible for someone else to gain command of the victim's PC," Halil said.

The remedy is, once again, user vigilance, said Halil. "There is no real silver bullet," he said. "People need to be made aware of the dangers of executing programs from the Internet or e-mail," he said.

"Many individuals are not even aware of the potential dangers. 'Newbies' are especially vulnerable, as it is easy to confuse someone into installing a Trojan."

Networked systems are also in danger from intrusion via a client. Particularly vulnerable are systems that transmit authentication material, such as passwords, over shared networks in a trivially encrypted form.

Halil advises that there are three precautionary measures that IT managers can take to prevent Trojans making their way into networks:

Ensure antivirus packages are up to date;Put policies and procedures in place to discourage people from executing attachments on e-mail and downloading suspect programs from the Internet;Educate users and inform them of new viruses.

Join the newsletter!

Error: Please check your email address.

More about AusCertInto networksVigilance

Show Comments