The government’s Unified Incident Reporting and Alert Scheme (UNIRAS) has warned antivirus companies that a new Trojan is on the loose.
‘Mystri-A’ uses a relatively simple monitoring program that tracks all traffic from port 6000 and sends it to an unknown email address. The information is stored in c:logfile.txt before sending, and the Trojan copies itself to systrimit.exe. A virus identification file is available from most vendors. “We’ve seen virtually no activity since the government alert,” said Graham Cluley, antivirus specialist at Sophos. Full Story