IT security and data protection firm Sophos is warning of a new
malicious campaign that has been widely spammed out, designed to
steal passwords from online gamers under the cloak of an email
containing sexy photographs.
The dangerous emails have the subject line "Do you like to find
a girlfriend like me?", and contain the following text:
"Wish to have a boyfriend
Be able to protect me, take care of me
Intolerable lonely night and would like to have your
care.
do you Willing?
This is my photos."
Attached to the emails is an archive file called "my photos.rar"
which aside from containing 12 explicit photographs of a young
Asian woman also claims to contain two hardcore sex videos.
The video files, however, are really a password-stealing Trojan
horse called
Troj/Agent-LVF which steals usernames and password from players
of the popular online role-playing game World of Warcraft.
"A surprising amount of malware is designed to steal
registration keys, passwords and data from players of computer
games," said Graham
Cluley, senior technology consultant for Sophos. "This isn't
just about doing better in a computer game. Criminals are stealing
virtual assets like armour, money and weapons to trade for hard
cash in the real world. Hackers love to exploit human weaknesses to
break into users' computers, and images of a naked woman may prove
hard for some to resist."
Sophos recommends users themselves with a consolidated solution
that can defend against the threats of spam, hackers, spyware and
viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.