Naughty nurse Sakura Shiratori tries to infect defence firm with malware

Filed Under: Celebrities, Featured, Malware, Nude Celebrities, Spam, Vulnerability

As we have mentioned before, we've seen a large number of files spammed out to various organisations, exploiting the CVE-2012-0158 vulnerability.

Victims have not been limited to defence companies, but have also included government departments, charities and recruitment agencies.

One of the latest attacks we have seen was sent to a defence contractor, using the subject line "if you want sex pictrue!".

Naughty nurse email carries malware payload

(I have cropped the screenshot above so the full image is not displayed after it became clear that the pictured nurse had not brought her entire uniform to work).

Attached to the email is a file called sexpicture.rar that contains a number of naked pictures of Japanese model Sakura Shiratori.

Harmless enough you might think. However, alongside the seedy snapshots are two files.

An apparent screensaver, short-SEXGPJ_1.SCR, is malicious - and detected by Sophos products as Mal/Behav-043.

Another file, short-SEX_ST_1.DOC, is detected by Sophos products as Troj/DocDrop-AF, and attempts to install further malicious code onto victims' computers by exploiting the CVE-2012-0158 vulnerability.

Although the email appears to have come from the Taiwanese branch of Yahoo, the "from:" address has been forged by whoever sent out the attack. I'm also going to make the fairly safe assumption that Miss Shiratori is not aware of how her images are being abused.

Make sure that the staff at your firm are wary of opening unsolicited email attachments, and that computers are defended with up-to-date anti-virus software and the latest security patches.

Microsoft released its patch for the vulnerability back in April - if you haven't already rolled it out across your Windows PCs, do so now.

, , , ,

You might like

One Response to Naughty nurse Sakura Shiratori tries to infect defence firm with malware

  1. Internaut · 812 days ago

    Sex sells. And, most of the sex-selling is directed at men. I compare the warnings about such scams to the "Don't drink and drive", "No sexting", "Beware of strangers", and such campaigns, Everyone has heard these, everyone knows better, but some feel invulnerable.

    At what point I wonder, do people disregard the cautions and click "Open" anyway!
    Too often, the denialists end up infected and spread it to others.

    I

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.