MyDoom mutant promises porn passwords
 

A newly intercepted mutant of the MyDoom virus is spreading by promising access to password protected pornographic websites.

Once running the worm harvests email addresses from the infected machine and sends itself on using its own SMTP engine. It will also attempt to spread using peer-to-peer services like Kazaa.

The mutant leaves a Trojan program that will allow compromised computers to be controlled remotely by hackers.

"Like previous MyDooms, the latest variant arrives in an email with various types of messages, with exe, scr or pif attachments or a Zip file attachment," warned antivirus company F-Secure.

"Some mails arrive containing sexually explicit images and claim that the attachment contains passwords for adult websites, relying on one of the simplest social engineering tricks to try and get readers to click on the infected attachment."

Infected emails also masquerade as returned emails with the attachment described as a partially recovered message or as converted Unicode or ASCII text.

This is the 35th variant of the MyDoom virus, making it one of the most popular choices for virus writers. The original code first surfaced in February 2004.

http://www.vnunet.com/news/1160547