WWW- Security experts have warned of a new worm which lures with promises of steamy pictures of Brad Pitt and Angelina Jolie.
The W32/Ahker-F worm, containing payload to target Microsoft, spreads via email using messages such as: Watch Angelina Jolie and Brad Pitt cought (sic) on TAPE! SEXY CLIP! WATCH IT!
SophosLabs, Sophos’s global network of virus and spam analysis centres, has discovered the worm which plays upon the public’s interest in movie stars Brad Pitt and Angelina Jolie, as well as celebrities such as Britney Spears, Pamela Anderson and Paris Hilton.
Analysts at Sophos believe the worm’s author (who calls himself “Agent Hacker”) is capitalising on media interest in Brad Pitt and Angelina Jolie’s possible friendship. There has been speculation that the film stars’ relationship may have contributed to the recent breakdown of Pitt’s marriage with ex-Friends’ actress Jennifer Aniston.
If the attached file, Clip.zip, is opened and executed the worm will attempt to spread to other email users.
“People’s appetite for salacious gossip is insatiable, and some may be tempted to run what appear to be pornographic movie files distributed across the internet,” said Graham Cluley, senior technology consultant for Sophos.
“However, virus writers have a long history of disguising their malicious code as this kind of content. Everyone should be very careful about what they choose to run on their computer.
“If people want to read and look at this kind of stuff they may be better off picking up one of the magazines in the queue for the supermarket checkout till than using their PC,” Cluley said.
As well as spreading via email, the worm attempts to spread via file-sharing networks using a variety of salacious sounding filenames such as PORNO.exe, XXX.exe, Naked WWE Divas.exe, Naked Britney.exe, Naked Celebrity.exe, and Celeb uncensord.exe.
It also attempts to launch a distributed denial of service attack against Microsoft’s security update website used by millions of computer users around the world.
Additionally, the Ahker-F worm attempts to disable security-related software on Windows computers and block access to anti-virus websites.
Curiously, the virus writer has embedded a number of secret messages inside his code including: Agent Hacker rules! and Genes don’t contain any record of humain history, you’ll NEVER catch me!(Agent Hacker – Bazzi
Although there have only been a small reports of the worm, Sophos recommends computer users ensure their anti-virus software is up-to-date, and that companies protect themselves with a consolidated solution which can defend them from the threats of both spam and viruses.