Avril Lavigne mass mailer on the loose
Canadian pop singer, Avril Lavigne has become the latest celeb to have a mass mailer virus circulating under her name. Organisations need to ensure their patch levels are up to date in order to avoid any infection.
Canadian pop singer, Avril Lavigne has become the latest celeb to have a mass mailer virus circulating under her name. MessageLabs warns that organisations need to ensure their patch levels are up to date in order to avoid any infection.
The virus, named Lirva or Naith, arrives in an e-mail offering either the latest Microsoft security patch or exclusive access to Avril Lavigne’s web site. If the virus is activated, it will attempt to e-mail itself to all contacts on the infected system, shut down all antivirus and firewall programs, and launch a web browser to open the Avril Lavigne website on an infected user's desktop. The infected machine will continue to log on to the web site periodically as well. If enough machines are infected around the world, then Avril’s site may crash as well.
As Lirva uses the Iframe vulnerability, the worm will automatically execute whether or not the attached file is opened. This, along with familiar looking coding, leads MessageLabs to suggest that Lirva may be a variant of a known virus family.
Either way, the virus clearly demonstrates the growing use of social engineering to encourage users to open infected mail. A number of recent virus have been triggered by the offer of exclusive access to pictures or information about celebrities, normally attractive females, such as singer Jennifer Lopez, tennis ace Anna Kournikova and Latino pop star Shakira.