Bird Flu Trojan Poses Danger To Word Users - InformationWeek
IoT
IoT
News
News
10/27/2005
01:38 PM
50%
50%

Bird Flu Trojan Poses Danger To Word Users

A new Trojan horse, dubbed "Navia.a" by Panda Software, uses avian flu-related subject heads to dupe recipients into opening an attached Microsoft Word document.

Spammers and scammers have already used the public's fear and curiosity about the avian flu to spread their schemes, but now hackers have turned to the trick, a security company warned Thursday.

A new Trojan horse, dubbed "Navia.a" by Panda Software, uses subject heads of "Outbreak in North America" and "What is avian influenza (bird flu)?" to dupe recipients into opening an attached Microsoft Word document.

That's when Navia.a goes old school: the Word document is infected with malicious macros.

One of the macros makes several Windows kernel calls to allow the Trojan to create, change, or delete files, while the second installs "Ranky.fy," another Trojan that opens a back door to the PC.

“Unfortunately, we were expecting something like this," said Luis Corrons, director of Panda's research, in a statement. "This is not the first time, and won't be the last, that writers of malicious code have taken advantage of people's misfortune and anxieties to spread their Trojans and worms."

Word macro threats were once among the most visible, and most dangerous, but have fallen out of fashion. The most infamous macro threat was the Melissa virus of 1999, which debuted a propagation technique -- grabbing e-mail addresses from Microsoft Outlook -- that's still used by most mass-mailed worms and viruses.

To protect against a macro-based exploit, Word users should make sure that the macro security level is set at "Medium," which triggers a warning when a Word document containing one or macros is opened, or "High," to disable macros entirely.

In Word 2003, the setting is under the Tools menu, in the Macro/Security item.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll