Britney Spears, Bill Gates top list of virus lures

By Shawna McAlearney, News Editor 14 Jun 2005 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

Osama Bin Laden found hanged! Paris Hilton releases new SEX TAPE! Michael Jackson makes suicide attempt! Take a look at these pics! Is it any wonder in our celebrity-obsessed, news-driven society that some users will click on these eye-catching, but malware laden, e-mail attachments?

More news from the AV world This Trojan is wacko for Jacko Latest Mytob worms phish for trouble

Malicious code writers will try all kinds of tricks to entice people into clicking. Whether it offers Hollywood gossip, pornographic movies or unreleased news images, these attachments and site links disguise the attackers' ultimate goal of installing Trojans, worms and viruses on users' systems.

"Celebrities being used to help spread viruses is not new," Carole Theriault, a security consultant at Lynnfield, Mass.-based Sophos, said in an e-mail. "There have been countless examples where viruses, particularly those that spread as infected e-mail attachments, purport to have salacious and/or compromising images of a celeb. Virus writers will use the promise of revealing something about a famous person to goad a user into opening the malicious file [or clicking on a malicious link]."

According to an analysis by Panda Software in Glendale, Calif., which coincidentally isn't too far from star-riddled Hollywood, celebrity names most frequently used in conjunction with malicious code include:

• 1. Britney Spears
• 2. Bill Gates
• 3. Jennifer Lopez
• 4. Shakira
• 5. Osama Bin Laden
• 6. Michael Jackson
• 7. Bill Clinton
• 8. Anna Kournikova
• 9. Paris Hilton
• 10. Pamela Anderson

"While the use of celebrity names as a social engineering tool has been around for a long time, its use in today's security environment may have a different importance," said Patrick Hinojosa, CTO of Panda Software. "Microsoft and computer security vendors have been working hard on closing down vulnerabilities that allow malware to run automatically without user intervention. Tricking the end user to manually run the malware is easier than retooling code to take advantage platform vulnerabilities."

Concluded Hinojosa: "I expect social engineering tactics to be with us for a long time as it's a tried and true door into otherwise protected systems."

Tags: Malware, Viruses, Trojans and Spyware,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Malware, Viruses, Trojans and Spyware New Zeus spam poses as Social Security statements Increase in Gumblar backdoors poses FTP credential problems Hackers to sharpen malware, malicious software in 2010 iPhone worm Rickrolls jailbroken phones Israeli Mossad add Trojan Horse to Syrian laptop Schneier-Ranum Face-Off: Is antivirus dead? Modern malware, stealthy botnets, adapt quickly, expert says Computer worm infections up, scareware antivirus down, Microsoft says Web-based attacks skyrocket, pirating sites surge, security firms say Mini guide: How to remove and prevent Trojans, malware and spyware

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bot worm  (SearchSecurity.com) directory traversal  (SearchSecurity.com) government Trojan  (SearchSecurity.com) Kraken  (SearchSecurity.com) man in the browser  (SearchSecurity.com) polymorphic malware  (SearchSecurity.com) RAT (remote access Trojan)  (SearchSecurity.com) RavMonE virus  (SearchSecurity.com) RFID virus  (SearchSecurity.com) Rock Phish  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary