Party girl Paris Hilton subject of Microsoft vulnerability spam attack

April 12, 2007 Sophos Press Release

IT security and control firm Sophos is urging computer users once again to patch against a critical bug in how Microsoft Windows handles animated cursors (ANI files) as hackers exploit the problem by sending out emails related to professional party girl Paris Hilton and hardcore actress Jenna Jameson.

The emails claim to come from Nude JemmaJameson.com
The emails claim to come from Nude JemmaJameson.com.

The spammed email messages have subject lines such as "Hot pictures of paris hilton nude" and contain an embedded image not of the celebrity hotel heiress but of pornographic actress Jenna Jameson. When clicked on, the image links to a website containing the malicious Troj/Iffy-B Trojan horse. The Trojan horse in turn points to another piece of malware which tries to exploit the Microsoft vulnerability.

The emails have a clickable picture of porn star Jenna Jameson
The emails have a clickable picture of porn star Jenna Jameson.

This latest attack is believed to be by the same group of hackers that last week spammed out scantily clad pictures of Britney Spears to exploit the Microsoft vulnerability. It follows news that Paris Hilton and Jenna Jameson were seen celebrating the latter's birthday party together at a trendy LA club last weekend.

"The problem is that consumers and businesses may not yet have patched themselves against this vulnerability, and clicking on unsolicited emails like these could lead them to a nasty malware infection," said Graham Cluley, senior technology consultant for Sophos. "Microsoft issued a patch for the problem last week, but determined hackers look set on taking advantage of the security flaw for some time to come."

Home users of Microsoft Windows can visit update.microsoft.com to have their systems scanned for Microsoft security vulnerabilities.

Sophos experts note that this is not the first time that Paris Hilton has been used as bait in an attempt to trick innocent computer users into viral infection. Two mass-mailing worms that masqueraded as X-rated videos of Hilton were released in February 2005. The promise of glimpses of pin-ups like Britney Spears, Halle Berry, Avril Lavigne, Anna Kournikova, Julia Roberts, Angelina Jolie and Brad Pitt, Jennifer Lopez, or the stars of 'Sex and the City' have previously been used to help viruses spread.

Sophos continues to recommend companies protect their desktops and servers with automatically updated protection against viruses, spyware, and spam.