Today SophosLabs saw the image of the former Miss Croatia – Nina Moric – abused by malware. Nina isn’t the first celebrity to be abused by malware and won’t be the last.
Troj/Srizbi-A uses the image to mask its activities.
The Trojan which we saw spammed out in Cyrillic spam:
A translation from Bablefish (with some corrections):
Subject: Regards! Estimate my photo;))
Regards, you do remember me? ;))
In the archive my new photo as you requested.
A couple of things should have alerted the unwary:
- that the photo link was actually an EXE
- the link was on a domain with a name associated with internet pornography
Blindly following links in email is a bad thing.