Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: First WMF mass mailer ItW (phishing Trojan)

From: Gadi Evron <ge () linuxbox org>
Date: Thu, 16 Feb 2006 09:27:55 -0600 (CST)
On Thu, 16 Feb 2006, Larry Seltzer wrote:

The emails themselves do not contain the payload, but rather a URL to

sites that will infect users.



How can this be called a worm? AFAIK, malware that needs human intervention

to spread is a trojan, not a worm.

So are e-mail worms like Sober and Bagle actually Trojans?




Yes. (never will you hear me saying 100%, but pretty much)

When the AV industry understood that most of what they see are Trojan
horses, they started taking them seriously. The tech guys are good guys,
but the AV industry has been around long enough for us all to be set in
our ways.

So, a few years too late they started taking Trojan horses seriously, but
as these Trojan horses are for mass stupid-public consumtion and not
specially-crafted malware for a specific target, maybe that's not very
cool.

Some in the AV industry (on the other hand) still treat Trojans as garbage
files, though.

We learn as we go.

        Gadi.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: