Sophos


2 August 2007

Nude Nicole Kidman, Angelina Jolie, Natalie Portman? Sophos warns of email assault

Spammed out "shocking photos" contain malicious payload

The emails claim to contain naked photographs of Hollywood actresses.

IT security and control firm Sophos is urging computer users to think before opening unsolicited email attachments following a widespread spam campaign that claims to contain shocking nude pictures of female celebrities, but really installs a malicious rootkit.

The emails, which typically have an attached file called amazing.zip or shocking.zip, contain a message similar to:

Good morning, old chap!

Shocking video of nude Angelina Jolie. See it in your attachment.

Best Regards.

The emails are exploiting the fame of Hollywood stars such as Nicole Kidman, Angelina Jolie, Natalie Portman, Milla Jovovich and pixelated videogame babe Lara Croft in their attempt to get computer users to open the attached file on their computers.

"These emails are masquerading as pornographic content, tempting the unwary into opening a file on their Windows computer which will install a rootkit and download further malicious code from the internet," said Graham Cluley, senior technology consultant for Sophos. "This kind of social engineering trick is nothing new - in fact it has been used so often by cybercriminals that it sometimes feels like it's been around since the days of the silent movies. However, that hasn't stopped it from being an effective way to fool many people into running code designed to allow hackers to break into computers."

A typical email containing the malicious attachment.

"The best way to defend yourself is to practise safe computing. That means not only running an up-to-date anti-virus, security patches and firewall - but also exercising caution over what programs you decide to run on your computer," continued Cluley. "You should always think twice before opening a file that unexpectedly arrives in your email inbox."

Sophos anti-virus products detect the malicious attachment as Troj/Dloadr-BCP, and the rootkit it drops as Troj/Agent-FVT.

"Rootkits are software frequently used by third parties - usually a hacker - to hide other software and processes using advanced stealth techniques. Malicious code, such as spyware and keyloggers, can be invisibly cloaked from detection by conventional security products or the operating system, making them hard to detect," explained Cluley. "Hackers use rootkit technology to maintain access to a compromised computer without the user's knowledge, so it's important to be properly defended from these sorts of threats."

Sophos Anti-Rootkit identifies known and unknown rootkits, and is available to download - free of charge - for non-Sophos users, as well as existing customers.



Sophos experts note that this is not the first time that female celebrities have been used as bait in an attempt to trick innocent computer users into viral infection. The promise of glimpses of pin-ups like Paris Hilton, Britney Spears, Halle Berry, Avril Lavigne, Anna Kournikova, Julia Roberts, Angelina Jolie and Brad Pitt, Jennifer Lopez, or the stars of 'Sex and the City' has previously been used to help viruses spread.

Sophos continues to recommend companies protect their desktops and servers with automatically updated protection against viruses, hackers, spyware, and spam.

About Sophos

Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
