Spam-spewing Trojan virus stalks Europe

18 Mar 2010

A powerful remote-control Trojan that can turn PCs into parts of a powerful bot disseminating spam email is on the rampage in Europe, it has emerged.

ESET’s in-the-cloud malware collection system ThreatSense.Net has picked up an increased activity of a Trojan dubbed Win32/Lethic.AA.

The Trojan is used for spam distribution and can be controlled remotely. To infiltrate a user’s computer, Win32/Lethic.AA probably piggybacks on another malicious software or is downloaded into the user’s computer by an already present malware.

The main purpose of this Trojan is turning the infected computer into part of a powerful bot for dissemination of spam email. To avoid being detected, its programming code is embedded in the explorer.exe file.

As of mid March, Win32/Lethic.AA is one of the most widespread threats, primarily afflicting users in the Netherlands, where it accounts for almost 13pc of all detected threats. It has also been detected in Estonia (9pc) and Belgium (7pc).

It registered around a 3pc share in Denmark, Norway, Sweden, Portugal and Slovenia. The Trojan also affects computer users in Slovakia, Croatia, Serbia, Greece, Russia, Great Britain and Ireland, however, the 1pc share it has gained puts it among the top 20 most widespread threats.

To combat this Trojan, ESET recommends using updated versions of internet browsers and security software, along with a good deal of caution when downloading files or browsing the internet.

By John Kennedy

Photo: A Trojan named Win32/Lethic.AA. is used for spam distribution and can be controlled remotely

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com