Experts at SophosLabsâ„¢,
Sophos's global network of virus and spam analysis centres, have
discovered a worm which plays upon the public's interest in movie
stars Brad Pitt and Angelina Jolie, as well as celebrities such as
Britney Spears, Pamela Anderson and Paris Hilton.
The W32/Ahker-F
worm spreads via email using messages such as:
Watch Angelina Jolie and Brad Pitt cought on
TAPE! SEXY CLIP! WATCH IT!
Sophos believes the worm's author (who calls himself "Agent
Hacker") is capitalising on media interest in Brad Pitt and
Angelina Jolie's possible friendship. There has been speculation
that the film stars' relationship may have contributed to the
recent breakdown of Pitt's marriage with ex-Friends' actress
Jennifer Aniston.
If the attached file, Clip.zip, is opened and executed the worm
will attempt to spread to other email users. Other messages sent by
the worm include:
Hey buddy,
Check out this new porn clip of Britney Sprers!
Very Short but HOT!!
DOWNLOAD IT and WATCH IT!
Hello!
Paris Hilton new SEX TAPE has been released!
In the attachment you will find some short quick scenes(HOT!!)
that I liked the most!!
Download it! I know its SHORT but at least youve watched the
HOTTEST parts of it!
Hell yeah...it's Pam!
Watch this latest clip of Pamela Anderson!
You will find the clip in the attachment!
Enjoy!
"People's appetite for salacious gossip is insatiable, and some
may be tempted to run what appear to be pornographic movie files
distributed across the internet," said Graham Cluley, senior
technology consultant for Sophos. "However, virus writers have a
long history of disguising their malicious code as this kind of
content. Everyone should be very careful about what they choose to
run on their computer."
"If people want to read and look at this kind of stuff they may
be better off picking up one of the magazines in the queue for the
supermarket checkout till than using their PC," continued
Cluley.
As well as spreading via email, the worm attempts to spread via
file-sharing networks using a variety of salacious sounding
filenames such as PORNO.exe, XXX.exe, Naked
WWE Divas.exe, Naked Britney.exe, Naked
Celebrity.exe, and Celeb uncensord.exe. It also
attempts to launch a distributed denial of service attack against
Microsoft's security update website used by millions of computer
users around the world.
Additionally, the Ahker-F worm attempts to disable
security-related software on Windows computers and block access to
anti-virus websites.
Curiously, the virus writer has embedded a number of secret
messages inside his code including
Agent Hacker rules!
and
Genes don't contain any record of humain
history, you'll NEVER catch me!(Agent Hacker - Bazzi
Although there have only been a small reports of the worm,
Sophos recommends computer users ensure their anti-virus software
is up-to-date, and that companies protect themselves with a
consolidated solution which can defend them
from the threats of both spam and viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.