Companies warned over DOJ virus variant

Companies warned over DOJ virus variant


Attachment contains nasty Trojan, again

Carnegie Mellon University's Computer Emergency Response Team (CERT) has issued an alert over spam emails claiming to come from the US Department of Justice (DOJ).

This is not the first attack of its kind – a very similar set of spam was sent out in June. Once again the email warned that a complaint has been made against the recipient.

"These messages contain a malicious attachment that supposedly contains information regarding complaints filed against the recipient's company with the DOJ," said the latest CERT bulletin.

"The attachment launches malware on the user's system when opened."

The attachment is a Trojan downloader that copies itself onto the computer's registry files and reports back to the sender for further instructions.

The attacks started last night, according to web filtering firm Websense, and were initially highly targeted at the financial industry. They predominantly hit firms in the US, Western Europe and the Pacific Rim.

The quality of the spam messages is higher than usually found in such attacks. The email address has been spoofed to simulate the complaintscentre@usdoj.gov and graphics from the actual web site are included.