Sex Movie Worm Spreads Worldwide

An e-mails that purports to offer free sex movies but actually contains a virus is spreading like wildfire across the internet, warn security firms.

Companies including Nasa, AIG and Disney are having difficulties preventing the worm from spreading through their systems. Photo: Daily Telegraph (UK)

An e-mails that purports to offer free sex movies but actually contains a virus is spreading like wildfire across the internet, warn security firms.

The e-mail is entitled “Here you have” and holds within a link that appears to direct users to a PDF document.

In fact,  those clicking on the link get neither movies nor documents but give the malware access to the user’s Outlook address book and then sends copies of itself to every contact contained within.

It will also attempt to disable any security programmes by deleting them, allowing it to remain hidden on the computer’s hard drive.

As well as spreading via e-mail, the worm also tries to find victims by looking for open net links from infected PCs and exploiting the Windows Autorun feature on USB drives and other attached media.

Although not widespread, reports suggest that some corporations were hit hard by it. Nasa, AIG, Disney, Procter & Gamble and Wells Fargo were all reported as struggling to contain an outbreak of the worm.

At these firms, e-mail inboxes were flooded with hundreds of copies of the e-mail messages bearing the malicious link.

Efforts to contain the virus were aided late on 9 September when the website hosting the worm was shut down. However, security firms expect new variants of the worm to turn up.

Security firm Kaspersky said the worm had some similarities to viruses such as the ‘ILoveYou bug’ by exploiting Outlook address books.

“The difference with those earlier attacks is that the e-mails typically carried the malicious file itself and didn’t rely on a link to a downloading site,” wrote Dennis Fisher in an analysis on the Kaspersky Threat Post blog.

“But the technique used to entice users to click on the attachment or malicious link is the same: offer the user something he wants to see,” he wrote. [via BBC (UK) and Daily Telegraph (UK)]

Share this article

We welcome comments that advance the story directly or with relevant tangential information. We try to block comments that use offensive language, all capital letters or appear to be spam, and we review comments frequently to ensure they meet our standards. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Coinspeaker Ltd.