Trojan Uses Hotmail, Yahoo as Spam Hosts

BUCHAREST, Romania – July 7, 2007 – BitDefender® Labs issued a warning today that a new threat – dubbed Trojan.Spammer.HotLan.A – uses Hotmail and Yahoo accounts to send e-mail spam.

The trojan uses automatically-generated accounts, suggesting that spammers have found a way to bypass the captcha systems, whereby new accounts aren't created until the creator guesses correctly which letters are depicted in an image.

Every active copy of the trojan accesses an account, then pulls encrypted spam e-mails from a website, decrypts them and sends them to (presumably valid) addresses taken from yet another website.

"There are only about 500 or so new accounts being created every hour," commented head of BitDefender Antivirus Lab Viorel Canja. "But still, we've seen 15,000+ Hotmail accounts being used so far. It's hard to estimate how many spam e-mails have already been sent."

The spam e-mail currently being distributed is trying to lead users to a site that advertises pharmacy products. Common spammer techniques are used in the e-mail body, such as bayesian poisoning and a random e-mail subject.

BitDefender was the first security company to detect the trojan and add a signature.

About BitDefender®
BitDefender is a leading global provider of security solutions that satisfy the protection requirements of today's computing environment. The company offers one of the industry's fastest and most effective lines of security software, setting new standards for threat prevention, timely detection and mitigation. BitDefender delivers products and services to over 41 million home and corporate users in more than 180 countries. BitDefender has offices in the United States, the United Kingdom, Germany, Spain and Romania. Further information about BitDefender can be obtained by visiting: http://www.bitdefender.com

# # #
U.S. Media Contact:
Peter Gorman, Topaz Partners
Phone: +1 781-404-2430
Email: BitDefender@TopazPartners.com