‘Here you have’ an aggressive sex movie attack
By Tom Brewster,
Cyber criminals have gone old-school by reverting to the tried and tested method of sending out emails containing a link to a malicious file, major security companies have warned.
In this case, the hackers have used the subject line of ‘Here you have’ or something similar, whilst a link in the body of the email is accompanied by a phrase designed to tempt the recipient in, such as the offer of free “sex movies.”
In fact, the link will take the target to a site where they will be prompted to download a virus onto their computer.
Once the worm has made its way into the user’s system, it will attempt to send the same email to contacts in the user’s address book and try to prevent security software from working.
Orla Cox, a security expert at Symantec, told IT PRO it is “a widespread threat.”
“The worm is particularly aggressive and spreads quickly within organisations. It has compromised a number of enterprise organisations,” Cox added.
The virus installs on the Windows directory as a file called CSRSS.EXE, which may easily be confused with the valid CSRSS.EXE file in the Windows System directory, according to McAfee researchers’ analysis.
The worm can also be spread through removable drives, such as USB devices, while Sophos has suggested it could be propagated via network shares as well.
Despite prevalent concerns, the initial file pointed to in the emails has now been deleted, according to reports.
“The intention of the attack appears to be to steal information. The malware downloads components and other tools which extract passwords from browsers (Firefox, Chrome, Internet Explorer, Opera), various email clients, and other applications,” explained Graham Cluley, senior technology researcher at Sophos.
Many security researchers also noted the similarity between this attack and those seen in the early 2000s, when lures such as love letters and Anna Kournikova images were used as bait.
As for what businesses can do, Ash Patel, country manager of the UK and Ireland for Stonesoft, said they should both educate and take a hard line on issues such as this attack.
“If staff are made sufficiently aware of threats, yet still naively open emails that are obviously a security risk, then I think disciplinary action has to be an option for the organisation,” Patel told IT PRO.
“The same action would be taken if an employee deliberately installed a virus on the network.”
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
What is your password worth?
Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.
- Macs under attack?
- Intel: security inside
- Are you spending too much on IT security?
- Does the government want to snoop on your data?
- Eurocrats versus the cyber criminals
- The truth about spam
- Google and privacy: What’s the problem?
- Q&A: Symantec’s CISO on the source code hack
- RSA: Back from the breach?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Apple iPad 3 vs iPad 2 head-to-head review
- Dell EqualLogic PS6100XS review
- Chromebooks: What's gone wrong?
- ICO: Fines for cookie law breakers
- UK regulator shuts down Angry Birds scam
- Open source software driving cloud-based innovation
- Fujitsu targets enterprises with Android ICS tablet
- IBM bans use of Siri on iPhones
- Dell PowerEdge R820 review
- BlackBerry 7 OS certified to carry 'Restricted' UK government information
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
