A Trojan horse program identified by the security firm Sophos uploads as many JPEG and data dump files as it can find on the user’s computer to an FTP server hosted in Iraq, analyst Chester Wisniewski wrote today on the company’s blog.

The company identified among uploaded files photos, scanned documents in Arabic and an archived Google Talk conversation.

“If I had to make a guess, I would think the evidence suggests it is being used for espionage, but we can’t be sure,” Wisniewski wrote, basing the claim on the location of the server and the types of files being targeted.

Users can turn off FTP access to avoid having their files copied, according to Sophos.

Image: dedMazay / Shutterstock.com