Websense Security Labs has detected a Trojan using real data from the World Bank. The captured sample of the data has revealed that the names and e-mail addresses were taken from the contact pages of the legitimate website.
The e-mail contained the name of a real World Bank employee. Websense claims that no antivirus vendors had detected the initial executable as malicious.
“While the initial executable does not generate suspicious network traffic, the dropped Trojan (m snmsgr_plugin.exe) maintains persistent connection to a host name on the dyndns.org domain,” the release said.
Hacking News 
Leave a comment