'Brad Pitt' virus targets Microsoft

Brad Pitt, Angelina Jolie and Britney Spears are the subjects of a virus scam that is attempting to recruit computers for a denial-of-service attack on Microsoft.

Hackers have released a self-spreading worm, called Ahker-F, that promises salacious movie clips of the celebrities. The e-mails contain text such as: "Watch Angelina Jolie and Brad Pitt cought (sic) on TAPE! SEXY CLIP! WATCH IT!"

Attached to the e-mail is a .Zip file that contains the worm. If opened, the worm spreads to the user's e-mail contacts, disables security settings on the PC, and launches a denial-of-service attack against Microsoft's security update Web site.

"People's appetite for salacious gossip is insatiable, and some may be tempted to run what appear to be pornographic movie files distributed across the Internet," Sophos, a security software company, said in a statement. "However, virus writers have a long history of disguising their malicious code as this kind of content. Everyone should be very careful about what they choose to run on their computer."

The worm also spreads via file-sharing networks, using file names such as PORNO.exe, XXX.exe and Naked Britney.exe.

Sophos said Thursday that only a small number of reports of the worm had been received.

[City_Of_LA]

Really..

If youre that dumb to open a file with that name your system deserves to be brought down to its knees.

Its called social engineering. There is no firewall for stupidity

[Jonathan]

You don't have to be smart to be conned.

Social engineering isn't about how smart or how stupid you are. Its about playing on a human's natural weaknesses be it greed, curiosity, vengeance, love, etc.
I know people who have IQ's that could make both of us look like Forest Gump rejects who have fallen for a mass mail worm. When the e-mail originates from someone you know the natural urge is that it?s trustworthy. I mean you don't pad down your friends every time they come over right?

The best strategy for these worms is every simple. From a technological standpoint antivirus is your best friend. From a social standpoint learning the ins and outs of e-mail and how a computer works goes a LONG way to solving the problem.
The simple fact is that society sees the computer as an appliance. A DVD player, a toaster, a phone. Something that isn't dangerous. What schools and society needs to start teaching people that what we do with a computer can be as dangerous as walking into grand central station and yelling out your SSN, license number, phone number, date of birth, address over and over. People have been trained that giving out your SSN is a bad thing. This is something many have learned at a young age. So to do we need to start propagating the idea that a computer needs to be treated with respect along with the information coming in and out of it.

[City_Of_LA]

Really..

If youre that dumb to open a file with that name your system deserves to be brought down to its knees.

Its called social engineering. There is no firewall for stupidity

[Jonathan]

You don't have to be smart to be conned.

Social engineering isn't about how smart or how stupid you are. Its about playing on a human's natural weaknesses be it greed, curiosity, vengeance, love, etc.
I know people who have IQ's that could make both of us look like Forest Gump rejects who have fallen for a mass mail worm. When the e-mail originates from someone you know the natural urge is that it?s trustworthy. I mean you don't pad down your friends every time they come over right?

The best strategy for these worms is every simple. From a technological standpoint antivirus is your best friend. From a social standpoint learning the ins and outs of e-mail and how a computer works goes a LONG way to solving the problem.
The simple fact is that society sees the computer as an appliance. A DVD player, a toaster, a phone. Something that isn't dangerous. What schools and society needs to start teaching people that what we do with a computer can be as dangerous as walking into grand central station and yelling out your SSN, license number, phone number, date of birth, address over and over. People have been trained that giving out your SSN is a bad thing. This is something many have learned at a young age. So to do we need to start propagating the idea that a computer needs to be treated with respect along with the information coming in and out of it.