Email attachment steals names and passwords

Subscribers to America Online's Internet service are being warned to keep watch for a password-stealing virus circulating in the form of an email attachment.

The virus, dubbed "APStrojan.qa", attempts to steal a member's names and passwords and then send them via email to the virus' author. If a user is logged onto AOL 4.0 or 5.0, the virus also tries to email itself to active people on the member's "buddy list".

Thursday's warning comes after McAfee.com, which makes security software, noted a 100 percent increase in the virus over the past three weeks. The virus has been around for about one year.

AOL has not seen an increase of infected members internally, but is nonetheless heeding McAfee.com's warning, according to spokesman Andrew Weinstein.

"We're continuing to closely monitor the situation, and we encourage people to be extremely careful in opening email attachments even if they're from familiar sources," Weinstein said. "Our top priority is protecting our members, and we do that by educating them."

The infected email comes with a subject line reading "hey you" and an attachment titled "mine.zip." The text within the email reads, "'hey i finally got my pics scanned... theres like 5 or 6 of them...so just download it and unzip it. and for you people who don't know how to then scroll down... tell me what you think of my pics ok?"

Considered a Trojan horse, this virus is less insidious than some, in that Net users must open the attachment in order to become infected.

"If you just open the email and delete it, there will be no effect on your system," said Weinstein.

AOL users can protect themselves by deleting this email if it is received. Members who believe they have the virus on their system can check their accounts by visiting McAfee.com or a virus site on AOL's internal system.

Take me to the Virus Workshop

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read what others have said.

Copyright © 1995-2008 CNET Networks, Inc. All rights reserved
ZDNET is a registered service mark of CNET Networks, Inc. ZDNET Logo is a service mark of CNET Networks, Inc.