Sexy spamming girls aim to steal World of Warcraft passwords

Sophos Press Release

Hardcore video is really password-stealing Trojan

IT security and data protection firm Sophos is warning of a new malicious campaign that has been widely spammed out, designed to steal passwords from online gamers under the cloak of an email containing sexy photographs.

The dangerous emails have the subject line "Do you like to find a girlfriend like me?", and contain the following text:

"Wish to have a boyfriend
Be able to protect me, take care of me
Intolerable lonely night and would like to have your care.
do you Willing?

This is my photos."

Attached to the emails is an archive file called "my photos.rar" which aside from containing 12 explicit photographs of a young Asian woman also claims to contain two hardcore sex videos.

Cropped image

The video files, however, are really a password-stealing Trojan horse called Troj/Agent-LVF which steals usernames and password from players of the popular online role-playing game World of Warcraft.

"A surprising amount of malware is designed to steal registration keys, passwords and data from players of computer games," said Graham Cluley, senior technology consultant for Sophos. "This isn't just about doing better in a computer game. Criminals are stealing virtual assets like armour, money and weapons to trade for hard cash in the real world. Hackers love to exploit human weaknesses to break into users' computers, and images of a naked woman may prove hard for some to resist."

Sophos recommends users themselves with a consolidated solution that can defend against the threats of spam, hackers, spyware and viruses.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at