New Trojan claims to offer erotic pictures of Rihanna, Shakira and Scarlett Johansson

London, April 3, 2008

PandaLabs, Panda Security’s malware analysis and detection laboratory, has detected a series of junk mails that promise erotic pictures of celebrities including Britney Spears, Rihanna or Scarlett Johansson as bait to spread the Agent.IMB Trojan.

Simple as they are the emails have subjects such as “naked Shakira clip”, “Rihanna exposed” or “Scarlett Johansson spills boobs”, and include a link with the text “Download and Watch”.

If the user clicks the link, they will download a copy of the Agent.IMB Trojan to their computer. This malicious code copies itself to the system under the name “CbEvtSvc.exe” and creates a service with the same name to run whenever the system is started up.

Panda Security maintains that this type of social engineering technique is not new at all but given the number of cyber-crooks that keep using it many computer users still fall into the trap.

Malware creators tend to use the same kind of email to spread different malware strains, and so Panda predicts that junk mail with other malicious codes like downloader Trojans or banker Trojans is likely to be distributed over the next couple of days.

Dominic Hoskins, Country Manager, Panda Security UK, explains: “Although malware dynamics have largely changed towards financial gain in recent months sensational headlines and pictures of celebrities are often used by malware creators to distribute malicious codes. This is a surprisingaly effective technique especially when it comes to celebrity baits”.

To avoid falling victim to this type of attack, PandaLabs advises users not to open any email messages that come from unknown sources or click any links that these may contain.