London bomb blasts rock cyberspace

The London blasts are rocking cyberspace too. Indian infotech majors and computer users are bracing up for another virus attack, this time from a Trojan that is likely to invade using the recent London bombings as a platform.

The computer virus -- TROJ_DONBOMB.A -- was being circulated through e-mails with a spoofed address of CNN and uses "social engineering technique" to gain access to systems.

"The Trojan, which is doing the rounds across the globe over the Internet, is likely to cause havoc in this country also. This uses a social engineering technique, that is utilising current events as a bait to hook unsuspecting users for its malicious intentions," Trend Micro country manager (India and Saarc) Niraj Kaushik said.

Trend Micro had detected the Trojan and had also issued a warning on its website and to its registered users through mails.

A Trojan comes with a seemingly innocent message and seems to be a forwarded message. However, when opened, it downloads on to the hard disk and steals passwords, account numbers and other important data. These programs are also known to crash systems and servers, bypassing existing firewalls.

TROJ_DONBOMB.A comes with a message, which is a modified copy of a CNN web page and has content of the recent London bomb blasts. The mail, which is spoofed to look like it is coming from CNN, also has an attachment that promises amateur video footage of the last week's terrorist attack.

However, unlike a Trojan, this programme does not affect individual computers as it targets the network. TROJ_DONBOMB.A settles on the hard disk of the user and sends all mail IDs from the address book to the originator of the virus, which in turn sends spam mails to all the mail IDs, thus clogging the network.

The virus was first detected on July 8 in the US and even though it was yet to be detected in India, Kaushik did not rule out the possibility of a detection "soon".

"Most companies do not report on virus attacks, which makes these kinds of attacks untraceable," he said.

This malware (software with mala fide intentions) was the latest in the increasingly popular social engineering techniques that used current events as baits to hook users.

BOBAX family of worms was another recent worm that promised a story on the death of either Osama Bin Laden or Saddam Hussein with pictures. VBS_PHEL.P talked of a suicide attempt by pop star Michael Jackson, WORM_ANTIMAN.A promised a video revealing the "true reasons" behind the death of Pope John Paul II.

Viral infection

TROJ_DONBOMB. A is circulated through e-mails with a spoofed address of CNN and uses 'social engineering technique' to gain access to systems
VBS_PHEL.P talks of a suicide attempt by pop star Michael Jackson
BOBAX family of worms promises a story on the death of either Osama Bin Laden or Saddam Hussein with pictures
WORM_ANTIMAN.A promises a video revealing the "true reasons" behind the death of Pope John Paul II