Sophos: Cybercriminals spam out Madonna Video in advance of world Tour
August 2008 by Sophos
IT security and control firm Sophos is warning music fans to be wary of opening unsolicited emails claiming to reveal the latest news about their favourite pop stars. The warning follows the discovery of a new wave of malware attacks which arrive in the unsuspecting computer users’ inbox and claim to contain a link to a scandalous video of Madonna.
Sophos experts note that the cybercriminals have timed the attack to coincide with the start of Madonna’s new world tour on Saturday - it is a common tactic for hackers to try to exploit excitement around upcoming events. However, users that click on the URL will not see a video of Madonna but will instead download a Trojan horse called Troj/FakeVir-EW that displays a bogus security warning encouraging them to purchase a piece of fake anti-virus software.
Once the hackers have fooled innocent internet users into handing over their credit card details, there is no telling if they will use the information for other forms of identity fraud.
"Madonna may have turned 50, but she’s still as big a draw to cybercriminals as young Hollywood upstarts like bad girl Britney Spears, Paris Hilton and Lindsay Lohan," said Graham Cluley, senior technology consultant at Sophos. "With the new world tour just around the corner, it’s not surprising that the hackers are trying to capitalise on this. Using topical stories is one of the oldest tricks in the book and the danger is that fans of the material girl will click before they think."
Sophos experts note that this is the latest attack from the cyber gang responsible for the recent MSNBC and CNN spam campaigns, and demonstrates that the crooks are not going to give up easily. Instead, they are continuously altering their emails and malware slightly in order to avoid detection by less sophisticated spam filters.
Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at their email and web gateways to defend against viruses and spam.