All the latest UK technology news, reviews and analysis
|
|
|
18 Jan 2005
Antivirus experts today warned that a mass-mailing worm designed to fool computer users into believing that pornographic content has been found on their PC actually allows hackers to gain remote access to compromised computers.
The Baba-C worm (W32/Baba-C) spreads via email, duping innocent users into believing that it is a warning about 'XXX content' found on their Windows PCs. Users are told that this adult material can be hidden by running a program called Evidence Cleaner.
However, in reality, no pornographic content has been found on the PC, and clicking on the attached file runs the worm which will attempt to forward itself to other email addresses, and open a backdoor for hackers to gain access to the system.
Emails sent by the worm arrive with the subject line: 'Important! XXX sites found on your computer!'
They contain the following message: 'Windows Evidence Checker has found XXX content on your computer. You can hide your activities with Evidence Cleaner service. To run Evidence Cleaner click to quick shortcut attached. Warning! Your copy of Evidence Cleaner will be expired after 7 days. Today you can register for FREE. Please check attached instructions for more details.'
The attached file tries to disguise itself as a web link, but is in reality a malicious executable file.
"Many people are worried about the adult material that inhabits areas of the internet, and don't want it to reach their PC. It's also clear that the internet is widely used for accessing hardcore sexual material," said Graham Cluley, senior technology consultant at Sophos.
"Either way, many people want to ensure that their PC contains no evidence of XXX content, and may be tempted to follow this email's instructions if they are sent this worm.
"The Baba-C worm is using a dirty trick. Our advice, as always, is to keep your antivirus software up-to-date and never launch an unsolicited email attachment."
Sophos noted that there have only been a small number of reports of Baba-C infecting PCs in the wild. Further details of the worm can be found here.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Hands on with the highly anticipated Android 4.0 Ice Cream Sandwich hybrid tablet
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Application Support Analyst with exceptional communication...
Software Development Manager- Rugby/Warwickshire - Attractive...
Working for a leading Retail organisation, you will be...
business analyst, tester, fixed income, fi, derivatives...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?