Security news
Security news21 August 2008
Cybercriminals spam out Madonna video in advance of World Tour Hackers causing a commotion with malware hanky panky
IT security and control firm Sophos is warning music fans to be wary of opening unsolicited emails claiming to reveal the latest news about their favourite pop stars. The warning follows the discovery of a new wave of malware attacks which arrive in the unsuspecting computer users' inbox and claim to contain a link to a scandalous video of Madonna.
The emails claim to link to a XXX-rated video of pop superstar Madonna.
Sophos experts note that the cybercriminals have timed the attack to coincide with the start of Madonna's new world tour on Saturday - it is a common tactic for hackers to try to exploit excitement around upcoming events. However, users that click on the URL will not see a video of Madonna but will instead download a Trojan horse called Troj/FakeVir-EW that displays a bogus security warning encouraging them to purchase a piece of fake anti-virus software.
Once the hackers have fooled innocent internet users into handing over their credit card details, there is no telling if they will use the information for other forms of identity fraud.
"Madonna may have turned 50, but she's still as big a draw to cybercriminals as young Hollywood upstarts like bad girl Britney Spears, Paris Hilton and Lindsay Lohan," said Graham Cluley, senior technology consultant at Sophos. "With the new world tour just around the corner, it's not surprising that the hackers are trying to capitalise on this. Using topical stories is one of the oldest tricks in the book and the danger is that fans of the material girl will click before they think."
Sophos experts note that this is the latest attack from the cyber gang responsible for the recent MSNBC and CNN spam campaigns, and demonstrates that the crooks are not going to give up easily. Instead, they are continuously altering their emails and malware slightly in order to avoid detection by less sophisticated spam filters.
Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at their email and web gateways to defend against viruses and spam.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
