Trojan horse reportedly spreading via e-mail, again.

It appears a particularly virulent e-mail trojan was running around the Internet yesterday (and into today) that apparently managed to take down servers at a number of key enterprise locations.

An e-mail virus swept through the Internet Thursday, snarling traffic and taking down servers at ABC, NASA, Comcast, and Google — and possibly even affecting the Department of Homeland Security.

The virus, called “Here You Have” (or VBMania, though different security companies have different names for the same virus), is a simple Trojan Horse: An e-mail arrives in your inbox with the suggestive subject line “here you have.” The body reads “This is The Document I told you about, you can find it Here” or “This is The Free Download Sex Movies, you can find it Here.”

Click the link in the message and you launch a program that spams the same Trojan Horse out to everyone in your address book, flooding and crippling e-mail servers.

OK, for the supposed “common sense” part of our show, today, I’d like to point out that if you receive an e-mail from a friend of yours talking about a document he “told you about” when, in fact, you haven’t had such a conversation, you shouldn’t click the link until you contact your friend and ask him if he actually sent such a message. Clicking a link directing you to a download of “free sex movies” is about as smart as accepting an invitation for free sex from a $2 prostitute. Don’t do it.

The sad part about this story, for me, is that it doesn’t actually show anything new. This kind of transmission vector has been used for literally years on dozens of trojan horse attacks. It doesn’t actually do anything special so far as the technology goes. It’s not a self-replicating worm that attacks and penetrates your firewalls, it’s not spoofing itself as http traffic while executing an operating system exploit. It’s completely dependent on a user’s actions to engage and spread. The only way it works is if people do something that’s, frankly, ill-advised.

Don’t do it, folks. You can stop it right now if you just hesitate to click on a link until you know it’s something your friend really meant to send you.

Advertisements