Experts at SophosLabs™, Sophos's global
network of virus and spam analysis centers, have warned of a spam
campaign that claims that Michael Jackson has attempted suicide in
an attempt to lure innocent computer users into being infected by a
The email claims that Michael Jackson has
attempted to commit suicide. But clicking on the link will cause
Sophos has identified hundreds of the spam messages being sent,
preying on intense media interest in the trial of the controversial
popstar. The spam emails have the following characteristics:
Re: Suicidal aattempt
Last night, while in his Neverland Ranch, Michael Jackson has
made a suicidal attempt.
They suggest this attempt follows the last claim was made
against the king of pop. 46 years old Michael has left pre-suicid
note which describes and interpretes some of his sins.
However, when users click on the link they are taken to a
website which secretly installs malicious code onto their PCs.
"If you click on the link the website displays a message saying
it is too busy, which may not surprise people who think it might
contain genuine breaking news about Michael Jackson," said Carole Theriault, security
consultant at Sophos. "However, this is a diversionary tactic -
because behind the scenes the website is downloading malware onto
the user's computer without their knowledge."
Experts at Sophos have analysed the code downloaded by clicking
on the link, and determined that it itself attempts to download
another Trojan horse which Sophos detects as Troj/Borobt-Gen.
Sophos PureMessage has been updated to detect the spam message
automatically at email gateways.
Sophos notes that this is not the first time that the troubled
pop star has been exploited by virus writers and hackers attempting
to spread their malware. In October last year messages
were posted on the internet claiming that incriminating home videos
belonging to Jackson had been discovered - but clicking on the link
infected web surfers with the Hackarmy Trojan horse.
"The sick minds behind viruses and other malware often exploit
celebrity names and news stories in an attempt to infect as many
people as possible," continued Theriault. "All computer users
should be very careful about clicking on weblinks in unsolicited
email or launching unknown attachments."
Sophos recommends companies automatically update their corporate
virus protection, and filter attachments which may contain
malicious code at the email gateway with a consolidated solution to defend against viruses
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.