IT security and control firm Sophos is urging computer users
once again to patch against a critical bug in how Microsoft Windows
handles animated cursors (ANI files) as hackers exploit the problem
by sending out emails related to professional party girl Paris
Hilton and hardcore actress Jenna Jameson.
The emails claim to come from Nude
The spammed email messages have subject lines such as "Hot
pictures of paris hilton nude" and contain an embedded image not of
the celebrity hotel heiress but of pornographic actress Jenna
Jameson. When clicked on, the image links to a website containing
the malicious Troj/Iffy-B Trojan horse.
The Trojan horse in turn points to another piece of malware which
tries to exploit the Microsoft vulnerability.
The emails have a clickable picture of porn
star Jenna Jameson.
This latest attack is believed to be by the same group of
hackers that last week spammed out scantily clad
pictures of Britney Spears to exploit the Microsoft
vulnerability. It follows news that Paris Hilton and Jenna Jameson
were seen celebrating the latter's birthday party together at a
trendy LA club last weekend.
"The problem is that consumers and businesses may not yet have
patched themselves against this vulnerability, and clicking on
unsolicited emails like these could lead them to a nasty malware
infection," said Graham Cluley, senior
technology consultant for Sophos. "Microsoft issued a patch
for the problem last week, but determined hackers look set on
taking advantage of the security flaw for some time to come."
Home users of Microsoft Windows can visit update.microsoft.com to have their systems scanned for
Microsoft security vulnerabilities.
Sophos experts note that this is not the first time that Paris
Hilton has been used as bait in an attempt to trick innocent
computer users into viral infection. Two
mass-mailing worms that masqueraded as X-rated videos of Hilton
were released in February 2005. The promise of glimpses of pin-ups
Roberts, Angelina Jolie
and Brad Pitt, Jennifer
Lopez, or the stars of 'Sex and the
City' have previously been used to help viruses spread.
Sophos continues to recommend companies protect their desktops
and servers with automatically updated
protection against viruses, spyware, and spam.