Naughty nurse Sakura Shiratori tries to infect defence firm with malware

by Graham Cluley on August 8, 2012 | 1 Comment

Filed Under: Celebrities, Featured, Malware, Nude Celebrities, Spam, Vulnerability

As we have mentioned before, we've seen a large number of files spammed out to various organisations, exploiting the CVE-2012-0158 vulnerability.

Victims have not been limited to defence companies, but have also included government departments, charities and recruitment agencies.

One of the latest attacks we have seen was sent to a defence contractor, using the subject line "if you want sex pictrue!".

Naughty nurse email carries malware payload

(I have cropped the screenshot above so the full image is not displayed after it became clear that the pictured nurse had not brought her entire uniform to work).

Attached to the email is a file called sexpicture.rar that contains a number of naked pictures of Japanese model Sakura Shiratori.

Harmless enough you might think. However, alongside the seedy snapshots are two files.

An apparent screensaver, short-SEXGPJ_1.SCR, is malicious - and detected by Sophos products as Mal/Behav-043.

Another file, short-SEX_ST_1.DOC, is detected by Sophos products as Troj/DocDrop-AF, and attempts to install further malicious code onto victims' computers by exploiting the CVE-2012-0158 vulnerability.

Although the email appears to have come from the Taiwanese branch of Yahoo, the "from:" address has been forged by whoever sent out the attack. I'm also going to make the fairly safe assumption that Miss Shiratori is not aware of how her images are being abused.

Make sure that the staff at your firm are wary of opening unsolicited email attachments, and that computers are defended with up-to-date anti-virus software and the latest security patches.

Microsoft released its patch for the vulnerability back in April - if you haven't already rolled it out across your Windows PCs, do so now.

Tags: , , , ,

One Response to Naughty nurse Sakura Shiratori tries to infect defence firm with malware

  1. Internaut says:
    August 9, 2012 at 7:55 pm

    Sex sells. And, most of the sex-selling is directed at men. I compare the warnings about such scams to the "Don't drink and drive", "No sexting", "Beware of strangers", and such campaigns, Everyone has heard these, everyone knows better, but some feel invulnerable.

    At what point I wonder, do people disregard the cautions and click "Open" anyway!
    Too often, the denialists end up infected and spread it to others.

    I

    Reply Report comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.