Panda Software reports a spam message that downloads a Trojan

Panda Software reports a spam message that downloads a Trojan The message is sent with the subject field: Osama Bin Laden Captured Glendale, CA - April 22 2004 – Panda Software’s PandaLabs has detected a spam message currently being sent to users which tries to get recipients to visit an advertising page and which also downloads a Trojan to users computers. The characteristics of the message are: From: the name of the sender is variable, although it tries to make recipients think it has been sent by the BBC or CNN. Subject: “Osama Bin Laden Captured”, Message text: “Hey, Just got this from CNN, Osama Bin Laden has been captured! Goto the link below to view the pics and to download the video if you so wish: (Internet address) "Murderous coward he is". God bless America!”. The address indicated in the message takes users to what appears to be an advertising page. However, the page contains code that exploits a vulnerability (detected by Panda antivirus as Exploit/MIE.CHM). The code also downloads and runs a file (detected as VBS/Psyme.C). Finally, a file called EXPLOIT.EXE, which contains the Trojan Trj/Small.B is downloaded from Internet onto users’ machines. Panda Software advises users to treat e-mails received with caution and to update their antivirus software. The company has already made the updates to its products available to users to ensure their solutions can deal with this threat. Similarly, users can also detect and disinfect malicious code using the free, online antivirus, Panda ActiveScan, which is also available on the company’s website at http://www.pandasoftware.com. About Panda Software Panda Software (http://www.pandasoftware.com) is the first company to allow truly automatic daily signature updates, as well as centralized administration of antivirus protection, both of which have revolutionized the antivirus industry. Panda Software is also known for its user-friendly policies, including free telephone support for corporate customers, expanded competitive renewal programs and free disinfection services. All of its products feature exclusive SmartClean™ technology and are endorsed by major industry watchdogs including ICSA Labs and Checkmark. Panda Software’s solutions have received awards and quality certifications from the sector’s most widely-respected organizations, including ICSA Labs and Checkmark and its commitment to customer service, innovative products, and the pioneering concept of 24h-365d tech support have revolutionized the IT security industry. ABOUT PANDALABS On receiving a possibly infected file, Panda Software's technical staff gets right to work. The file is analyzed and depending on the type, the action taken may include: disassembly, macro scanning, code analysis etc. If the file does in fact contain a new virus, the disinfection and detection routines are prepared and quickly distributed to users. For more information: Alan Wallace VP, Corporate Communications US [email protected] (818) 543-6909