More Celebrity Pictures Spread by Mail

Paris Hilton is, once again, used in spam attacks
Celebrities have always been some of the most popular subjects on the web, and spammers know it. That's why a significant percentage of their attacks rely on celebrities, with many messages promising hot pictures of Paris Hilton, Angelina Jolie and many other stars. However, the purpose of these emails is actually to drop malware on readers' computers and steal sensitive data or infect their systems. A similar attack was detected this weekend by security company Sophos, which disclosed more information about the new spam avalanche.

First of all, the subjects vary by email, but all messages carry the same attachment, named xjolie.zip. Most emails have the following subjects: "Something hot", "Hot news", "Paris Hilton" and "Hot pictures", Vanja Svajcer of SophosLabs, UK, explained. Downloading the attached zip archive leads to an attempt to drop a Trojan horse, in this case Troj/Agent-HAH.

"Unfortunately, I have not managed to make the Trojan run successfully under our controlled environment. Every time it is launched, the file causes an exception, so I cannot give you more details about what it would do if it would run successfully," the Sophos official said.
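A mail filter can check incoming messages against the subjects and attachment name reported above. The following is an added example, not code from Sophos or the original article; the function names and the sample messages are constructed for illustration, and because the subjects vary by email, the attachment name is the stronger of the two signals.

```python
import email
from email import policy
from email.message import EmailMessage

# Indicators reported in the article above.
SUBJECTS = {"something hot", "hot news", "paris hilton", "hot pictures"}
ATTACHMENT = "xjolie.zip"

def check_message(raw: bytes) -> list:
    """Return which campaign indicators a raw e-mail matches."""
    # policy.default decodes RFC 2047 subjects and RFC 2231 filenames,
    # so an encoded header cannot hide a matching value from the comparison.
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    if str(msg["Subject"] or "").strip().lower() in SUBJECTS:
        reasons.append("subject")
    for part in msg.walk():
        name = part.get_filename()
        if name and name.strip().lower() == ATTACHMENT:
            reasons.append("attachment")
            break
    return reasons

def build_sample(subject: str, filename: str) -> bytes:
    """Constructed test message with a harmless placeholder attachment."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.com"
    m["Subject"] = subject
    m.set_content("see attached")
    m.add_attachment(b"placeholder, not a real archive", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    for subj, fname in [("Paris Hilton", "XJOLIE.ZIP"), ("Minutes", "notes.zip")]:
        print(subj, fname, check_message(build_sample(subj, fname)))
```

A message that matches only on the attachment name should still be quarantined, since the subject line is the part the senders change.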

Similar spam attacks occur every once in a while, so keeping your anti-virus up to date with the latest virus definitions should be the easiest way to stay on the safe side. However, extra care is recommended when reading suspicious emails, because spammers simply don't want to abandon their attacks and "hot pictures" may reach your inbox on a daily basis.

Unfortunately, there have been cases in which such attacks caused even more damage because they were specifically intended to take advantage of security vulnerabilities found in the operating system or in the applications installed on computers. That's why updating your programs and operating system, as well as applying the latest patches for your security products, is a simple and useful way to avoid getting your computer compromised.

Source: softpedia
