24 Dec 2007
Santa's virus striptease goes down a Storm, warns Sophos
Mrs Claus goes wild with holiday strip show malware
Researchers at SophosLabs™ have warned
computer users that hackers have wildly distributed an email on
Christmas Eve pointing to a website containing a malicious Santa
The emails, which have many varied subject lines including "Your
Secret Santa", "Santa Said, HO HO HO", "Warm Up this Christmas" and
"Mrs. Clause Is Out Tonight!" attempt to direct internet users to
the same website containing images scantily clad young women in a
Santa suit. The images and "Download for free now!" button both
linked to an executable detected as by Sophos as W32/Dorf-AE (a worm also
known as Storm).
"Despite its disguise, Dorf-AE isn't much of a Christmas
present. Users who visit the striptease website risk infecting
their PC and allowing hackers to gain access to their PC's
resources and data," said Graham Cluley, senior
technology consultant for Sophos. "Heartless hackers and virus
writers can attack at any time of year, and every computer user
should be on the lookout for unusual emails and be wary of ever
clicking on unsolicited links they are sent via email."
Sophos advises companies to be as suspicious during the holiday
season as they would be at any other time of the year.
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend
against the threats of spam, hackers, spyware and viruses.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.