According to security experts BlackSpider Technologies, millions of emails
containing the Trojan-downloader Win32.small.cfg were sent to UK businesses late on Sunday. Some 2,400,000 mails were sent before the anti-virus community could react. Win32.small.cfg was spammed out from 9pm local time on 26 January, designed to exploit the longest possible window of exposure between its release and the first anti-virus vendors issuing a patch. The infected mails were spammed with the subject "YOUR BILL PAYMENT NOT APPROVED!" containing an attached executable called BILL#5563880.
James Kay, CTO, BlackSpider Technologies, warned: "This Trojan was successful in achieving what appears to be its main purpose – to reach as many inboxes as possible before the anti-virus industry could react.
"Last year we saw many attempts to infect PCs during the window of exposure and that trend looks set to continue in 2006. Businesses that are not using proactive intelligent threat prevention technology to tackle new viruses are leaving themselves at serious risk from infection, as today's outbreak shows."