Sexy spamming girls aim to steal World of Warcraft passwords

November 27, 2009 Sophos Press Release

IT security and data protection firm Sophos is warning of a new malicious campaign that has been widely spammed out, designed to steal passwords from online gamers under the cloak of an email containing sexy photographs.

The dangerous emails have the subject line "Do you like to find a girlfriend like me?", and contain the following text:

"Wish to have a boyfriend
Be able to protect me, take care of me
Intolerable lonely night and would like to have your care.
do you Willing?

This is my photos."

Attached to the emails is an archive file called "my photos.rar" which aside from containing 12 explicit photographs of a young Asian woman also claims to contain two hardcore sex videos.

Cropped image

The video files, however, are really a password-stealing Trojan horse called Troj/Agent-LVF which steals usernames and password from players of the popular online role-playing game World of Warcraft.

"A surprising amount of malware is designed to steal registration keys, passwords and data from players of computer games," said Graham Cluley, senior technology consultant for Sophos. "This isn't just about doing better in a computer game. Criminals are stealing virtual assets like armour, money and weapons to trade for hard cash in the real world. Hackers love to exploit human weaknesses to break into users' computers, and images of a naked woman may prove hard for some to resist."

Sophos recommends users themselves with a consolidated solution that can defend against the threats of spam, hackers, spyware and viruses.