[ISN] Virus poses as nude Jennifer Lopez photos

From: InfoSec News (isnat_private)
Date: Thu May 31 2001 - 16:25:35 PDT

  • Next message: InfoSec News: "[ISN] DoS Attacks on GRC.com"

    http://news.cnet.com/news/0-1003-200-6135045.html?tag=mn_hd
    
    By Greg Sandoval
    Staff Writer, CNET News.com 
    May 31, 2001, 2:20 p.m. PT 
    
    By promising to display pictures of actress Jennifer Lopez naked, the
    destructive Chernobyl virus is again spreading across the Internet via
    e-mail.
    
    Antivirus-software maker Panda Software issued an alert Thursday after
    receiving about eight reports of the virus, including one from a major
    aviation company. The aviation company discovered the problem before
    the virus could do any significant damage. Panda has given the virus
    its highest rating of potential risk, distribution and destruction.
    
    One of Panda's competitors, Symantec, considers the virus less of a
    threat, saying it received only six reports of the virus Wednesday,
    indicating that the virus was spreading too slowly to cause any real
    damage.
    
    But the Jennifer Lopez files pose a serious threat regardless, said
    Steve Demogines, director of tech support at Panda. Hiding behind the
    fictitious photos of Lopez is the lethal Chernobyl virus, which can
    erase content on files and disable computers.
    
    The other factor that makes the Lopez file dangerous, Demogines said,
    is that it uses a "social engineering" technique that could prove
    effective. The term social engineering refers to the practice of
    coming up with intriguing e-mail subject lines to fool the
    unsuspecting into opening virus-infected files.
    
    The Lopez file's suject line reads "Where are you" and the attachment
    is titled JenniferLopez_Naked.JPG.VBS.
    
    "Virus writers are still successfully using the social engineering
    technique to trick the unwary user," Panda said in a statement
    Thursday.
    
    The Jennifer Lopez file is the latest in a string of mass-mailing worm
    viruses--copycat versions of the AnnaKournikova virus, which spread
    across the globe in February by encouraging victims to click on a
    supposed picture of Russian tennis star Anna Kournikova.
    
    The Anna virus had the ability to mail itself to a large number of
    Internet users but did not damage computer systems. Its main threat
    was that it might clog servers. The virus inside the Lopez file packs
    a more destructive payload.
    
    When the W95/CIH virus is unleashed, it goes on a search-and-destroy
    mission, Panda said in the statement.
    
    The virus seeks out and overwrites code on specific files on the hard
    disk, stripping them of their content. The virus also infects the
    Windows installation folder and can disable a computer by overwriting
    the motherboard, rendering it useless and preventing a user from
    booting up, Demogines said.
    
    
    
    
    
    ISN is hosted by SecurityFocus.com
    ---
    To unsubscribe email isn-unsubscribeat_private
    



    This archive was generated by hypermail 2b30 : Fri Jun 01 2001 - 02:56:07 PDT