Naked Girls with Guns Doing the Nasty to Your Windows

Not a pretty picture in the end

  Scantily-clad U.S. soldiers...
Naked girls with guns... While I know that your imagination must be running wild by now, the fact of the matter is that such an invitation would be hard to resist from fans of girls or guns, or even the two combined. But accepting such an invitation from an untrusted source while running a Windows operating system could prove problematic, just to use an euphemism. This because the promise of pornography, however light or hardcore, has long been one of the main vessels for social engineering schemes targeting the Windows platform. And naked girls with guns, nothing more than a supposed PowerPoint presentation including scantily-clad female U.S. soldiers, makes no exception to this rule. It is sufficient to say that users which gave in to the temptation received a tad more than they had bargained for.

"Unfortunately, those users probably infected their system. What's worse is that this presentation came bundled with not just 1, but 6 different pieces of malware. (Troj/Dropper-TK, Troj/Bckdr-QLM, Troj/Dropper-TL, Troj/Bckdr-QLN, Troj/Dropper-TM & Troj/Bckdr-QLO) This is nothing new - most users these days know not to download and run files from untrusted sources. But as long as the old tricks still work, the bad guys will keep using them," commented Michael Shannon, researcher at SophosLabs Canada.

Social engineering attacks do not exploit security vulnerabilities in the code, but instead manage to take advantage of the users' willingness to transform themselves into victims. Education has an important role in this regard. And so do a set of best practices that have at the top the interdiction to play with content coming from untrusted sources, whatever the incentive.

"This particular bundle of malware didn't get onto users systems by exploiting the latest vulnerability, but rather by leveraging the weakest security component present on all systems. The connection between the chair and the keyboard. You've heard it before and you'll hear it again; most users could have avoided this," Shannon added.

Comments

By    31 Jan 2008, 16:28 GMT