Application security

Malicious image spam entices users with soft porn

Hackers are taking advantage of image spam techniques and lusty minds to spread a new Trojan horse, experts at SophosLabs warned today.

A new spate of email messages are being sent to Australian users claiming to be from a woman visiting the country looking for a sex partner. Similar to most run-of-the-mill image spams the message contains no text, with the message completely embedded within an image. The missive embedded within the image entices users to visit a website to view her picture.

The referred website contains a soft porn image and Trojan horse payload containing Troj/Dloadr-AMA.

"This malware attack is particularly interesting because it borrows techniques commonly used by spammers," said Graham Cluley, senior technology consultant at Sophos. "The image in the email contains random noise to sidestep signature-based detection - a technique normally seen in medical or stock spam campaigns. Also, the subject matter is similar to 'pretty girl' spam campaigns that we see - but normally they send text spam rather than image spam, and urge the recipient to reply via email rather than visit a website."

According to IT security researchers at numerous companies, image spam has more than doubled in the past several months.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.