Worm resorts to dirty tricks in an attempt to spread
Virus experts at Sophos have discovered a mass-mailing worm that
fools computer users into believing that pornographic adult content
has been found on their PC, and lures them into running malicious
code which opens a backdoor allowing remote hackers access to their
data.
The W32/Baba-C
worm spreads via email, duping innocent users into believing that
it is a warning about XXX content found on their Windows PC. Users
are told that adult material on their PC can be hidden by running a
program called "Evidence Cleaner". However, in reality, no X-rated
content has been found on the PC, and clicking on the attached file
runs the worm which will attempt to forward itself to other email
addresses, and open a backdoor for hackers to gain access to the
system.
|
| Part of the email message sent by the W32/Baba-C
worm. |
Emails sent by the worm have the following characteristics:
Subject:
Important! XXX sites found on your computer!
Message body:
Windows Evidence Checker has found XXX content on your
computer. You can hide your activities with Evidence Cleaner
service.
To run Evidence Cleaner click to quick shortcut
attached.
Warning! Your copy of Evidence Cleaner will be expired after
7 days. Today you can register for FREE.
Please check attached instructions for more
details.
"Many people are worried about the adult material that inhabits
areas of the internet, and don't want it to reach their PC. It's
also clear that the internet is widely used for accessing hardcore
sexual material," said Graham Cluley, senior
technology consultant for Sophos. "Either way, many people want to
ensure that their PC contains no evidence of XXX content, and may
be tempted to follow this email's instructions if they receive this
worm. The Baba-C worm is using a dirty trick. Our advice, as
always, is to keep your anti-virus software up-to-date and never
launch an unsolicited email attachment. "
Although there have only been a small number of reports of the
W32/Baba-C worm, Sophos recommends computer users ensure their
anti-virus software is up-to-date, and that companies protect
themselves with a consolidated solution
which can defend them from the threats of both spam and
viruses.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.