http://news.cnet.com/news/0-1003-200-7662475.html?tag=mn_hd By Reuters October 25, 2001, 6:30 p.m. PT SAN FRANCISCO--A malicious computer program is quietly making the rounds, disguising itself as an e-mail donation form for the American Red Cross while attempting to steal credit card information, antivirus vendors said Thursday. When the e-mail attachment is opened, the malicious program, called Septer.Trojan, prompts people to fill in a donation form purporting to aid the victims of the Sept. 11 attacks. The information is then sent to a Web site that is not affiliated with the Red Cross, according to Symantec. The program, called a Trojan horse because it masquerades as something else, is rated a low risk because it is not spreading widely, said Patrick Martin, development manager of Symantec's security response center. Unlike computer worms that can spread themselves automatically, the Trojan is spread only by someone forwarding it to another person, he said. "We've only gotten a handful of submissions," Martin said of the Trojan, which was first discovered last week. "People are being suspicious because it's very unusual for an agency or organization such as the Red Cross to solicit donations in such a promiscuous manner." However, Three Pillars, a managed security services firm, saw a lot of the Trojan e-mails being sent to its customers, according to Ruth Lestina, vice president of operations and engineering. On Thursday alone there were 142,000 Trojan e-mails coming into the network, she said. Customers were protected with antivirus software, Lestina added. "It's playing on people's feelings from the September tragedy," she said. "It's deemed a low risk because the user has to take an action, but if you look at anything on the news these days, the American public is very, very willing to help anything pertaining to the tragedy and the Red Cross is a trusted name," Lestina said. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Oct 26 2001 - 04:16:25 PDT