Results 1 to 6 of 6

Thread: Celebrity-related and porn-related Virus: More catching!

  1. #1
    Senior Member
    Join Date
    Jan 2005
    Posts
    217

    Celebrity-related and porn-related Virus: More catching!

    Celebrity fans, check this out!

    Source here - http://news.zdnet.com/2100-1009_22-5648637.html
    'Brad Pitt' virus targets Microsoft
    By Dan Ilett, ZDNet (UK)
    Published on ZDNet News: March 31, 2005, 9:07 AM PT

    Brad Pitt, Angelina Jolie and Britney Spears are the subjects of a virus scam that is attempting to recruit computers for a denial-of-service attack on Microsoft.

    Hackers have released a self-spreading worm, called Ahker-F, that promises salacious movie clips of the celebrities. The e-mails contain text such as: "Watch Angelina Jolie and Brad Pitt cought (sic) on TAPE! SEXY CLIP! WATCH IT!"

    Attached to the e-mail is a .Zip file that contains the worm. If opened, the worm spreads to the user's e-mail contacts, disables security settings on the PC, and launches a denial-of-service attack against Microsoft's security update Web site.

    "People's appetite for salacious gossip is insatiable, and some may be tempted to run what appear to be pornographic movie files distributed across the Internet," Sophos, a security software company, said in a statement. "However, virus writers have a long history of disguising their malicious code as this kind of content. Everyone should be very careful about what they choose to run on their computer."

    The worm also spreads via file-sharing networks, using file names such as PORNO.exe, XXX.exe and Naked Britney.exe.

    Sophos said Thursday that only a small number of reports of the worm had been received.
    - Hmmm.. Seems that the legacy of Virus associated with celebrities and porn material really catches much attention from the un-aware (still) users who are checking their e-mails without taking any precautions. Need to spread much awareness, people.

    Yo!
    \"Life without FREEDOM is no life at all\". - William Wallace
    MyhomE MyboX StealtH (loop n. see loop.)
    http://www.geocities.com/sebeneleben/SOTBMulti.gif

  2. #2
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    it is called Social Engineering.. examples:

    I Love You - Virus
    Phishing Scams
    Fake ISP Tech calls..
    Anna Kornikova..(spelling)

    In spite of the best Protection systems we have in place .. the user is still the weakest link.. find a Patch for that exploite and 95% of Malware will need a new vector.. victor..
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  3. #3
    Senior Member
    Join Date
    Jan 2005
    Posts
    217

    Reflection

    The worm also spreads via file sharing networks
    - I forgot to mention this other source, which is very popular in spreading the virus silently to most of the systems involved in P2P. In my personal experience, way back 2002 when I first observed the capabilities and effects of Kazaa (a peer-to-peer [P2P] software), in which we actually tried and used inside our network. My supervisor (NET ADMIN) was the main culprit in promoting this software during that time, I had asked him about it. I am curious about how does it work and why they call it P2P. He then told me that there are interconnected servers and host computers involved in the file sharing. P2P are actually good in broadband connections (like DSL). I follow-up my question with "Is it safe?", then my supervisor keep bragging that every software we use is not safe, even M$ products, he QUOTE was not 100% safe. I knew that with such capabilities of sharing without limit, viruses and other malicious program could use this means to spread. Then after several weeks, we had been alarmed for INTRUSIONS ATTEMPT into our system. He quickly stopped Kazaa and started tracing and monitoring the network activities. Using combinations of IDS tools, firewall and AVs, anti-spyware was not that popular in our country during those times, he learned that IPs from Taiwan, China and Europe (if it really is true) have been port-scanning the network for several days during that time and trying to find open ports and probably try to pass the security layers of the system. We had HARDWARE FIREWALL, PROXY, IIS and ISA Server fronting the gateway of our very new ADSL connection during that time. We are forced to have a separate Server for the IDS to log the activities of the network (especially the external activities). He formatted the BoX (with the Kazaa client) and stopped doing that thing he did. Good thing that not much penetration had had happened and timely all the unused ports had been closed and locked-down. *Eventhough it was never traced the connection of using the P2P and the attempted intrusion, many things could really happen. It's just one suspect.

    Just like you said, Und3ertak3r, the user is still the weakest link. Trying software without studying/reviewing it first (like knowing the consequences of using such SW) is not a good idea. At least it should be tested in separate BoX for experimentation. Life's lesson that is, we have to be very attentive to cause and effect, advantages and disadvantages. Even small issues should be considered as threat. P2Ps were good for the reason of file sharing, but not good at all if you talk about security. I remember the thread/news about Kazaa lite employees don't even want to use their own product ('coz it makes their network very very slow). Then I remember one article about Oracle's Ellison's idea of eating their own dog food (translated as "using your own product in your system"), well, Kazaa lite's own people don't want to use their own product anymore.

    On the other hand, CLICKING that link in e-mail is TRULY a bad idea (even if it comes from your very best friend or relative), especially if you are not aware of the consequences.

    SW Patches should slow the process (of virus spreading) and most probably stop it, but more and more new-kids-on-the-block will rise and do some nasty stuff, nastier, meaner way of social engineering. I wish there was patch for human.

    Yo!
    \"Life without FREEDOM is no life at all\". - William Wallace
    MyhomE MyboX StealtH (loop n. see loop.)
    http://www.geocities.com/sebeneleben/SOTBMulti.gif

  4. #4
    Geez...a virus that uses porn and celebrities as bait? How original
    Oh and one that DOS's Microsoft?....havent seen that before

    Me wonders when it will *take*...when it will sink into the users brains NOT to click. How many times of being duped and after the deluge of information directed toward the dupees will it take....sigh.

    It's Saturday...I'm off to my beer bottles. Cheers!

  5. #5
    In And Above Man Black Cluster's Avatar
    Join Date
    Feb 2005
    Posts
    912
    Actually, the human factor is always the de facto player in spreading such kind of maleware.

    Uneducated users are always the weakest link, thanks to thier fatal curiousity! The impact of this brand-new methods are less upon corporates than casual users, this to some extestion is good. But if an employee is using an exterenal (Sneaking) email, he might get infected by a friend who suppose to send a content-clear message.

    I still insest that corporates MUST enforce thier user not to open ANY not-business-related webs or applications, only this way the corporation can protect its virtual premises.

    The increasing hatred toward MS will make MS in a big troubles, I guess.

    Any system can be patched for vulnerabilities, how about the human brain? Is there any patches available {Other than Education}.... I think a firewall that blockes everything will work nicely for them..... lol ....

    Cheers
    \"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts\".....Spaf
    Everytime I learn a new thing, I discover how ignorant I am.- ... Black Cluster

  6. #6
    Senior Member
    Join Date
    Jan 2005
    Posts
    217

    and then...

    I think a firewall that blockes everything will work nicely for them..... lol ....
    -and then comes more question about FIREWALLS... The need to educate people about other means of protection takes place.

    Yo!
    \"Life without FREEDOM is no life at all\". - William Wallace
    MyhomE MyboX StealtH (loop n. see loop.)
    http://www.geocities.com/sebeneleben/SOTBMulti.gif

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •