Skip to main content
To Customer Support To Customer Support
A client, a lawyer, received this e-mail from his law society.

 

A BC lawyer advised the Law Society that he received an email and attachment from Aldo-Henson. The lawyer's standard anti-virus program didn't detect a virus, but because the lawyer did not recognize the sender's name he saved the message to a USB drive and scanned the email with a different anti-virus program superior in detecting Trojan viruses. The email's .zip attachment contained a virus called "Trojan.Downloader.js.ra."

The sender's email stated:

Please find attached copy of the passport for my wife and daughter as requested. please note we need to complete on the purchase in 4 weeks from the agreed date.

Thank you,

Aldo Henson

The email included an attachment with the file name "Aldo Henson.zip."

Accountants have reportedly received the same email but with different sender names.

 

Does anyone know anything about this virus?  Specifically, can Webroot detect it?
Hi james_morgan

 

Welcome to the Community Forums.

 

This is not a new Trojan by any means and therefore WSA should detect it given that it detects many forms of malware including Trojans.

 

Having said that there are new variants of existing malware that are coming out all of the time as the battle between good (the threat researchers & security app authors) & evil (the miscreants who create malware) and so it is in some cases possible that a new variant may strike and get through defenses before the Cloud database of threats has been updated...but in general that is rare.

 

As for the Trojan itself, well, from the research I have carried out this type of trojan operates by secretly downloading malicious files from a remote server, and then installing and executing the files on the infected system, hence the 'downloader' in its designation.

 

Hope that answer the question?

 

Regards, Baldrick

Reply


Terms & Conditions