It’s true, and a large number of citizens have been infected by a trojan horse virus. Here is a post by chrispeg in the AW newsgroups that explains the virus a bit.
If you get a telegram like this:
Telegram from ‘someone’s name’, sent Mon Jul 21, 2003 06:41:
My friend has made a cool little program for AW and it would mean a lot to me if you helped him out and downloaded it and told me and him what you think: www.twisted-inc.com/awtoolkit.exe
How it installs on your system:
awtoolkit.exe immidiatly renames to c:%win_root%msagentmslxlu.exe. It creates at least 3 registry entries, which call the program whenever you logon to windows and/or you start IE. Once mslxlu.exe it copies itself to c:%win_root%system32msrksd.com, which is also called when you logon to windows or start IE. A third copy is made and copied to c:%win_root%win32cmds.exe. Using your taskmanager (win2k/XP) will show you this process once its running.
All instances are UPX compressed files. Norton does NOT recognize the trojan!
What it does:
1) It runs an IRC server on port 6666
2) It connects to ICQ using remote port 80
3) It tries to connect to hotmail.com to send off an email, using remote port 25.
The virus has the capability of grabbing ahold of your citizen password. This is truthful because a number of citizens have got the telegram and downloaded the program. Pineriver and Grace H. Mace have both got the trojan, for example, so the hacker signs onto their accounts and sends out the above telegram telling their friends to get the program. Do not install this, or any other EXE files ever from anyone. Although I think you should know that by now. 😉