Viruses and Famous People: An Extremely Effective Formula For Spreading All Types Of Malware
Phrases like “Osama Bin Ladin was found hanged” or suggestive file names like “JENNIFERLOPEZ_NAKED.JPG.vbs” are real examples of attempts to use social engineering techniques to spread computer viruses.
This strategy is mainly used to spread malicious code that reach computers in a file attached to email messages. It basically involves writing something in the message to make the attachment sound attractive to users, such as saying it contains an application, photographs, etc. If this text manages to trick the user into running the file, the worm will be installed on the computer and carry out its malicious actions.
In most cases, users with a minimum experience of using the Internet and email know that these kinds of messages usually harbor viruses and immediately delete them. However, evidence shows that the successful propagation of malicious code that uses social engineering has a lot to do with the bait used in the message. Some of the most dangerous use famous people.
The star chosen mainly depends on what is in the news at the time, as this could increase its impact. In fact, just a few hours ago, PandaLabs detected the mass-mailing of an email message with the subject Latest News about Arafat!!!, which contains two attachments. One of these is the authentic file showing an image of funeral of the politician that died a few days ago. The other file, however, contains code designed to exploit a vulnerability in Internet Explorer. Through this flaw, a worm called Aler.A is automatically installed on the computer.
An older example is the Clinton-Lewinksy affair, which became, shortly after it hit the headlines, a target of virus authors. Malicious code like Lewinsky or Class are examples of these.
One of the fastest spreading viruses was SST, popularly known as Kournikova. The emails carrying this worm claimed to contain suggestive photographs of this popular tennis player. Other well-known names, like Jennifer L?pez, Shakira or Britney Spears, have also been used by computers viruses like Loveletter.CN, MyLife.M or Chick.
Mass-mailing worms are not the only malicious code that resort to social engineering techniques, other creations also use this strategy to spread across P2P (peer-to-peer) file sharing networks like KaZaA. To do this, they usually create a large number of copies of themselves in the directories that store the files shared through these kinds of applications. The names of this files suggest that they contain music videos or pornographic images of some famous person.
Another way the names of famous people are exploited is through newsgroups. Recently, a group of messages announcing news like the capture of Bin Laden, the alleged suicide of Arnold Schwarzenegger, or intimate photos of the soccer player David Beckham. These messages usually include links to download files with information about these events which, of course, actually contain some kind of virus. In this case, the messages are not generated by the worm, but by the malicious user. The danger of this tactic lies in that it can be used to spread all kinds of malware, from worms to highly destructive viruses, through spyware, dialers, etc.
It is advisable to always take precautions with these kinds of messages, regardless of where they are sent from or their content, as they most probably contain a computer virus. If you don’t want to run the risk of being duped by one of these, it is recommendable to install effective antivirus software, which is updated every day to protect against the latest threats to appear.
For further information about these and other computer threats, visit Panda Software’s Encyclopedia at:
About PandaLabs
On receiving a possibly infected file, Panda Software’s technical staff get straight down to work. The file is analyzed and depending on the type, the action taken may include: disassembly, macro scanning, code analysis etc. If the file does in fact contain a new virus, the disinfection and detection routines are prepared and quickly distributed to users.