14 DAY TRIAL // Shocking photos and equally shocking videos of nude Hollywood stars such as Nicole Kidman, Angelina Jolie and Natalie Portman are the subject of a spam campaign directed at Windows users. The promise of free pornographic materials involving the three celebrities is designed to be a hard to resist incentive in a social engineering scheme created to spread the Troj/Dloadr-BCP Trojan downloader. Security company Sophos was warned that the widespread malicious spam campaign promising pornographic materials of Hollywood stars is in fact nothing more than a way to convince users to access malformed ZIP attachments that will infect their machines.
"These emails are masquerading as pornographic content, tempting the unwary into opening a file on their Windows computer which will install a rootkit and download further malicious code from the Internet," said Graham Cluley, senior technology consultant for Sophos. "This kind of social engineering trick is nothing new - in fact it has been used so often by cybercriminals that it sometimes feels like it's been around since the days of the silent movies. However, that hasn't stopped it from being an effective way to fool many people into running code designed to allow hackers to break into computers."
Following the initial infection with the Troj/Dloadr-BCP downloader, via an attachment dubbed amazing.zip, containing the shocking.exe executable, two additional pieces of malware are dropped on the user's computer: Troj/NTRootK-BY and Troj/Agent-FVT. Sophos revealed that the fact that the spam campaigns promising porn is such a generalized practice points out that the formula actually works and that the attackers don't even have to work that hard to compromise the victims' system. "The best way to defend yourself is to practise safe computing. That means not only running an up-to-date anti-virus, security patches and firewall - but also exercising caution over what programs you decide to run on your computer," continued Cluley. "You should always think twice before opening a file that unexpectedly arrives in your email inbox."