Press Releases

Browse our press release archive

26 Mar 2007

PC users attacked by Pushu Trojan pushed by porno spam

Hardcore emails can lead to malware infection

  Dave Attell and Lewis Black
Sophos found a photograph of US comedians Dave Attell and Lewis Black on the malware website.

IT security and control firm Sophos is warning of a widespread spam campaign that attempts to fool computer users into downloading a spyware Trojan horse. The emails, which contain phrases such as 'hot photos from my birthday', purport to be linking users to adult online content, when in fact the links lead to a website containing the Troj/Pushu-A Trojan horse, which attempts to steal information from infected PC owners.

According to Sophos, visitors to the website are encouraged to download what they believe will be a selection of hardcore adult photographs in an archive file - in reality the file is a malicious executable called xxx.exe or foto.exe. When investigating one website hosting the malware, experts at SophosLabs also discovered a peculiar photograph of two US comedians, Lewis Black and Dave Attell, which is apparently unrelated to either the spam emails or the malware itself.

"As with all messages offering salacious content, the danger is that some people may be so excited about the prospect of viewing the pictures that they'll click before thinking about what might be in the best interests of their PC's health," said Graham Cluley, senior technology consultant for Sophos. "The comics in the photograph certainly add a strange twist, though it's unlikely anyone will be laughing if their PCs are compromised by downloading Pushu."

A typical spam email, pointing to the Pushu Trojan horse
A typical spam email, pointing to the Pushu Trojan horse.

"The email spam campaign has been widely distributed, although thankfully we haven't received many reports of users infected by the Trojan horse," continued Cluley. "Those that visit the phoney adult websites risk throwing open their PCs for cybercriminals to steal information or carry out further online attacks. Thanks to its continued success rate, it seems likely that this type of illicit material will be used to tempt people into infection for some time to come."

Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution to defend against viruses, spyware and spam.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.