The emails claim to contain naked photographs of Hollywood
actresses.
IT security and control firm Sophos is urging computer users to
think before opening unsolicited email attachments following a
widespread spam campaign that claims to contain shocking nude
pictures of female celebrities, but really installs a malicious
rootkit.
The emails, which typically have an attached file called
amazing.zip or shocking.zip, contain a message similar to:
    Good morning, old chap!
    Shocking video of nude Angelina Jolie. See it in your
    attachment.
    Best Regards.
The emails are exploiting the fame of Hollywood stars such as
Nicole Kidman, Angelina Jolie, Natalie Portman, Milla Jovovich and
pixelated videogame babe Lara Croft in their attempt to get
computer users to open the attached file on their computers.
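A mail-gateway check for the pattern described above, as an added example that is not from Sophos or the original article: it flags the two reported attachment names and any ZIP attachment holding a directly runnable Windows file. The extension list and the names `inspect_message` and `build_sample` are assumptions for illustration; the article does not say what the archive contains.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Attachment names reported for this campaign (taken from the article).
LURE_NAMES = {"amazing.zip", "shocking.zip"}
# Assumption: file types Windows runs directly; the article does not list the ZIP contents.
EXEC_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk")


def inspect_message(raw: bytes) -> list[str]:
    """Return reasons to quarantine the message (empty list = nothing found)."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        if name in LURE_NAMES:
            findings.append(f"lure-name:{name}")
        if not name.endswith(".zip"):
            continue
        data = part.get_payload(decode=True) or b""
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for member in zf.namelist():
                    # endswith also catches double extensions such as video.avi.exe
                    if member.lower().endswith(EXEC_EXTS):
                        findings.append(f"executable-in-zip:{member}")
        except zipfile.BadZipFile:
            # A .zip that cannot be parsed cannot be inspected, so report it.
            findings.append(f"unreadable-zip:{name}")
    return findings


def build_sample(attachment_name: str, member_name: str) -> bytes:
    """Constructed test message: a harmless ZIP holding one placeholder file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, b"placeholder, not real malware")
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See it in your attachment.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename=attachment_name)
    return msg.as_bytes()


if __name__ == "__main__":
    print(inspect_message(build_sample("shocking.zip", "video.exe")))
```

The filename match alone is easy for a sender to change, so the content check on the archive members is the part that carries over to renamed attachments.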
"These emails are masquerading as pornographic content, tempting
the unwary into opening a file on their Windows computer which will
install a rootkit and download further malicious code from the
internet," said Graham Cluley, senior technology consultant for
Sophos. "This kind of
social engineering trick is nothing new - in fact it has been used
so often by cybercriminals that it sometimes feels like it's been
around since the days of the silent movies. However, that hasn't
stopped it from being an effective way to fool many people into
running code designed to allow hackers to break into
computers."
A typical email containing the malicious
attachment.
"The best way to defend yourself is to practise safe computing.
That means not only running an up-to-date anti-virus, security
patches and firewall - but also exercising caution over what
programs you decide to run on your computer," continued Cluley.
"You should always think twice before opening a file that
unexpectedly arrives in your email inbox."
Sophos anti-virus products detect the malicious attachment as
Troj/Dloadr-BCP, and the rootkit it drops as Troj/Agent-FVT.
"Rootkits are software frequently used by third parties -
usually a hacker - to hide other software and processes using
advanced stealth techniques. Malicious code, such as spyware and
keyloggers, can be invisibly cloaked from detection by conventional
security products or the operating system making them hard to
detect," explained Cluley. "Hackers use rootkit technology to
maintain access to a compromised computer without the user's
knowledge, so it's important to be properly defended from these
sort of threats."
Sophos Anti-Rootkit identifies known and unknown rootkits, and
is available to download - free of charge - for non-Sophos users,
as well as existing customers.
Sophos experts note that this is not the first time that female
celebrities have been used as bait in an attempt to trick innocent
computer users into viral infection. The promise of glimpses of
pin-ups like Paris Hilton, Britney Spears, Halle Berry, Avril
Lavigne, Anna Kournikova, Julia Roberts, Angelina Jolie and Brad
Pitt, Jennifer Lopez, or the stars of 'Sex and the City' has
previously been used to help viruses spread.
Sophos continues to recommend companies protect their desktops
and servers with automatically updated
protection against viruses, hackers, spyware, and spam.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.