Party girl Paris Hilton subject of Microsoft vulnerability spam attack

Porn star Jenna Jameson's name also besmirched by malware authors
IT security and control firm Sophos is urging computer users once again to patch against a critical bug in how Microsoft Windows handles animated cursors (ANI files) as hackers exploit the problem by sending out emails related to professional party girl Paris Hilton and hardcore actress Jenna Jameson.

The emails claim to come from Nude

The spammed email messages have subject lines such as "Hot pictures of paris hilton nude" and contain an embedded image not of the celebrity hotel heiress but of pornographic actress Jenna Jameson. When clicked on, the image links to a website containing the malicious Troj/Iffy-B Trojan horse. The Trojan horse in turn points to another piece of malware which tries to exploit the Microsoft vulnerability. The emails have a clickable picture of porn star Jenna Jameson.

This latest attack is believed to be by the same group of hackers that last week spammed out scantily clad pictures of Britney Spears to exploit the Microsoft vulnerability. It follows news that Paris Hilton and Jenna Jameson were seen celebrating the latter's birthday party together at a trendy LA club last weekend.

"The problem is that consumers and businesses may not yet have patched themselves against this vulnerability, and clicking on unsolicited emails like these could lead them to a nasty malware infection," said Graham Cluley, senior technology consultant for Sophos. "Microsoft issued a patch for the problem last week, but determined hackers look set on taking advantage of the security flaw for some time to come."

Read more about Microsoft's security patch now, and protect your computers
Home users of Microsoft Windows can visit to have their systems scanned for Microsoft security vulnerabilities.

Sophos experts note that this is not the first time that Paris Hilton has been used as bait in an attempt to trick innocent computer users into viral infection. Two mass-mailing worms that masqueraded as X-rated videos of Hilton were released in February 2005. The promise of glimpses of pin-ups like Britney Spears, Halle Berry, Avril Lavigne, Anna Kournikova, Julia Roberts, Angelina Jolie and Brad Pitt, Jennifer Lopez, or the stars of 'Sex and the City' have previously been used to help viruses spread.

Sophos continues to recommend companies protect their desktops and servers with automatically updated protection against viruses, spyware, and spam.

About Sophos

Sophos is a world leader in IT security and control. Sophos offers complete protection and control to business, education and government organizations - defending against known and unknown malware, spyware, intrusions, unwanted applications, spam, policy abuse and uncontrolled network access (NAC). Sophos's reliably engineered, easy-to-operate products protect over 100 million users in more than 150 countries. Through over 20 years' experience and a global network of threat analysis centers, the company responds rapidly to emerging threats and achieves the highest levels of customer satisfaction in the industry. Sophos is a global company with headquarters in Boston, MA, and Oxford, UK.


Comments (0)

Add a Comment

This thread has been closed from taking new comments.

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter