Posted by: Amker
« on: 30. May 2007., 23:15:03 »A new Trojan Horse called Backdoor.Robofo has been spammed out today, which uses a variety of social engineering tactics to aid its propagation. Firstly it masquerades as an email from the US Internal Revenue Service (IRS), including the use of the IRS logo in the message body to make it appear more legitimate:
The use of legalese in the message content may intimidate some users into opening the attachment. The attachment is called COMPLAINT.rtf and, when launched, displays the following bogus error message:
What appears to be text is in fact the name of an embedded executable, which installs a Backdoor Trojan detected as Backdoor.Robofo. Should you succumb to these various intimidation tactics, then Antivirus definitions dated 05/30/2007 (revision 17 and later) will provide detection against this threat. Symantec's Brightmail-enabled messaging products also have a rule to block the spammed emails.
The use of legalese in the message content may intimidate some users into opening the attachment. The attachment is called COMPLAINT.rtf and, when launched, displays the following bogus error message:
What appears to be text is in fact the name of an embedded executable, which installs a Backdoor Trojan detected as Backdoor.Robofo. Should you succumb to these various intimidation tactics, then Antivirus definitions dated 05/30/2007 (revision 17 and later) will provide detection against this threat. Symantec's Brightmail-enabled messaging products also have a rule to block the spammed emails.