A Trojan program has emerged in Australia that may be triggering a concerted assault on VeriSign’s domain name. Sophos’ antivirus team has confirmed that it is in the preliminary stages of analysing a new Trojan that may be linked to an organised attack on VeriSign’s domain name servers. Paul Ducklin, head of technology, Sophos Asia-Pacific, said the Trojan, dubbed Qhost1, seduces the user into going to a Web site that exploits a security vulnerability in Internet Explorer and inserts malicious code onto the victim’s personal computer. Sophos’s revelation coincides with unconfirmed reports from a source within the technical ranks of one Australia’s major ISPs of a spike in support calls from customers whose DNS server settings had been tampered with, in what appears to be an orchestrated attack on Internet security giant VeriSign. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.