Sophos identifies a new attack that lures victims with a photo of naked people.
Staff Writer, CNET News.com
Antivirus software maker Sophos identified a new worm on Tuesday that is being hidden in an e-mail attachment that includes a nude photo.
The virus, dubbed by Sophos as Wurmark-D worm (or W32/Wurmark-D), is being distributed via a mass e-mail campaign which offers a New Year's message in the form of an attached photograph of naked bodies. Labeled as an "amusing file," the attachment carries the destructive worm along with a graphic image of naked men and women whose bodies have been aligned to form the words "Happy New Year."
Sophos said the malicious worm secretly installs itself as someone is viewing the nude image, and immobilizes security software on an infected computer. The worm also forwards itself to e-mail addresses stored in a corrupted PC.
"Once activated, this worm will harvest your computer hunting for other e-mail addresses to send itself to and try and turn off antivirus software," Graham Cluley, senior technology consultant for Sophos, said in a statement. "Anyone who forgets to exercise caution before running this unsolicited e-mail attachment could be in for a rude awakening."
Cluley said the virus is most likely to take advantage of workers still returning after an extended holiday season who are apt to be facing large numbers of unopened e-mail messages in their in-boxes. Thus far, the worm has resulted in only a small number of reports to Sophos.
Sophos noted that this is hardly the first time virus writers have used porn as a vehicle for distributing their creations. Last year, one such person created an e-mail campaign that promised photos of a "blonde, 21-year-old" exotic dancer, and attachments to those messages turned out to be a mass-mailing variant of the Sober worm.
Dan Ilett of ZDNet UK contributed to this report from London.