SpamNet.A needs your help to conduct its dirty war. If you’ll just step on a website seeded by SpamNet, the sniper trojan will fire-off a load of other trojans, along with pornographic adware… which will lead to more trojans, more malware… your email address book ftp’d to a wolfpack, and… Did we mention that you’ll be the latest recruit in a Russian spam-zombie army?

Undoubtedly you’re thinking,”I don’t often reconnoiter porn sites, ergo, my borders are secure.”

Sorry. SpamNet is an equal opportunity virus. It started at porn sites, but debases every unsecured Windows 2003, XP, 2000, NT, ME, 98 and 95 computer it scouts. Fortunately, the patch has been out since January: Microsoft Security Bulletin MS05-002, Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711). (Still running Windows 95? Stick a fork in it. There’s no patch.)

Most up-to-date desktop and network anti-virus defenders are well equipped to deal with SpamNet.A. Nevertheless, our anal firewall boss blocked access to “all-tgp.*”. Why? One of all-tgp sites is used for downloading SpamNet’s pals… and none of them are suitable for most Sunday schools. (Unless you like dancing with the Devil, don’t go to the websites. You’ll get the idea by googling all-tgp.)

While you’re firewalling, block SMTP for everything that’s not an authorized mail server… both in and out. Then watch your logs for failed SMTP-out attempts. Who knows? You may drop a few zombies yourself.

See for yourself at Panda.