McAfee spoofing spam to distribute trojans

Security experts say they have stopped a new spam attack in order to spread a dangerous trojan that steals passwords.

Security firm Kaspersky Labs said it was indeed a "strange" spam attack by spammy email messages sent from address mcafee@europe.com owned by well-known security firm McAfee.

The main goal of this spam attack, security experts said, is not to advertise products but to spread a trojan. Hide in a Word file titled ' McAfee Inc. Reports.doc 'attaches to spam emails, Lafool.v trojans ready to infect PC if the user accidentally opens the Word file.

But the trojan Lafool.v is still not the last malware that this spam attack wants to spread. In the file ' McAfee Inc. Reports.doc 'also contains' macros' written in Visual Basic for Applications language that helps Lafool.v drop a variant of a trojan specializing in stealing LdPinch passwords on infected systems.

Kaspersky Labs said the LdPinch trojan has the ability to steal passwords from a variety of services and applications, such as AOL Instant Messenger, ICQ or users' confidential data.

Security experts recommend that users should not open unsolicited or unknown emails, regularly update anti-virus security applications on their PCs to prevent Internet threats.

Hoang Dung