Security news21 July 2009
Hidden-cam video of US sports reporter lures web users to malware infection Links to Erin Andrews peephole video infect PC and Mac users
IT security and control firm Sophos is warning all internet users to be wary of websites claiming to host a controversial nude video of high-profile ESPN reporter Erin Andrews - hackers are using the hype surrounding the hidden camera tape to distribute malware that will infect both PC and Mac computer systems.
The internet has been abuzz with news that a voyeur had secretly filmed the glamorous US sports reporter through the peephole of her hotel room door. Lawyers working for Andrews said that they will take legal action against anyone distributing the footage, which was taken without her knowledge or consent. However, opportunists and hackers have been quick to set up websites claiming to contain the illicit content, in the hope of driving internet traffic to their websites or infecting innocent victims.
Computer users who visit many of these sites are running the risk of being infected by the OSX/Jahlav-C Trojan horse on Macs, or the Mal/FakeAV-AY Trojan if visiting from a Windows computer. Once a hacker has control of your computer they can steal sensitive information and con unsuspecting computer users into paying for bogus online protection.
"If you want to look at naked women, buy yourself an adult magazine or get yourself a girlfriend. If you go searching for sleazy videos then don't be surprised if it's not just your mind that ends up corrupted, but your computer too," said Graham Cluley, senior technology consultant at Sophos, on his blog. "What's more, these attacks are aimed at both Mac and Windows users - hackers often now try to kill two birds with one stone by setting up malicious pages that can determine what type of computer you are using, and serve up the right malware accordingly."
As the hype continues to escalate online, Sophos notes that hackers have also taken to posting links to the malicious sites in as many places as possible including as comments on blogs written on the subject. Sophos advises that all computer users should avoid following untrusted links from blog and news story comments.
Download now
- Attacks rise 70% on social networks
- SEO poisoning and scareware on the rise
- Targeted attacks and cyberespionage
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
