An e-mails that purports to offer free sex movies but actually contains a virus is spreading like wildfire across the internet, warn security firms.
The e-mail is entitled “Here you have” and holds within a link that appears to direct users to a PDF document.
In fact, those clicking on the link get neither movies nor documents but give the malware access to the user’s Outlook address book and then sends copies of itself to every contact contained within.
It will also attempt to disable any security programmes by deleting them, allowing it to remain hidden on the computer’s hard drive.
As well as spreading via e-mail, the worm also tries to find victims by looking for open net links from infected PCs and exploiting the Windows Autorun feature on USB drives and other attached media.
Although not widespread, reports suggest that some corporations were hit hard by it. Nasa, AIG, Disney, Procter & Gamble and Wells Fargo were all reported as struggling to contain an outbreak of the worm.
At these firms, e-mail inboxes were flooded with hundreds of copies of the e-mail messages bearing the malicious link.
Efforts to contain the virus were aided late on 9 September when the website hosting the worm was shut down. However, security firms expect new variants of the worm to turn up.
Security firm Kaspersky said the worm had some similarities to viruses such as the ‘ILoveYou bug’ by exploiting Outlook address books.
“The difference with those earlier attacks is that the e-mails typically carried the malicious file itself and didn’t rely on a link to a downloading site,” wrote Dennis Fisher in an analysis on the Kaspersky Threat Post blog.