Security news21 August 2008
Cybercriminals spam out Madonna video in advance of World Tour Hackers causing a commotion with malware hanky panky
IT security and control firm Sophos is warning music fans to be wary of opening unsolicited emails claiming to reveal the latest news about their favourite pop stars. The warning follows the discovery of a new wave of malware attacks which arrive in the unsuspecting computer users' inbox and claim to contain a link to a scandalous video of Madonna.
The emails claim to link to a XXX-rated video of pop superstar Madonna.
Sophos experts note that the cybercriminals have timed the attack to coincide with the start of Madonna's new world tour on Saturday - it is a common tactic for hackers to try to exploit excitement around upcoming events. However, users that click on the URL will not see a video of Madonna but will instead download a Trojan horse called Troj/FakeVir-EW that displays a bogus security warning encouraging them to purchase a piece of fake anti-virus software.
Once the hackers have fooled innocent internet users into handing over their credit card details, there is no telling if they will use the information for other forms of identity fraud.
"Madonna may have turned 50, but she's still as big a draw to cybercriminals as young Hollywood upstarts like bad girl Britney Spears, Paris Hilton and Lindsay Lohan," said Graham Cluley, senior technology consultant at Sophos. "With the new world tour just around the corner, it's not surprising that the hackers are trying to capitalise on this. Using topical stories is one of the oldest tricks in the book and the danger is that fans of the material girl will click before they think."
Sophos experts note that this is the latest attack from the cyber gang responsible for the recent MSNBC and CNN spam campaigns, and demonstrates that the crooks are not going to give up easily. Instead, they are continuously altering their emails and malware slightly in order to avoid detection by less sophisticated spam filters.
Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at their email and web gateways to defend against viruses and spam.
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
