Trojan offering photos of t.A.T.u tempts users

A spyware trojan offering photographs and gossip about the controversial Russian pop group t.A.T.u has been spammed to email recipients in a worldwide campaign.

The messages contained the Banito-BE trojan with the subject line "photos of TATU" and attempts to entice email users into clicking on a malicious attachment claiming to include pictures and intimate details about the controversial duo's lives.

The email contains three attached files, two JPEGs of promotional images of the singers plus one malicious file - tatu.chm - which allows hackers to access the innocent user's computer. The infected file uses the less common .chm extension, which enables it to pass through some email filtering systems used by businesses.

Graham Cluley, senior technology consultant at Sophos, said the celebrity-related malware was designed by cybercriminals with the intent to make financial gains.

"t.A.T.u is better remembered for their controversial videos and onstage antics than their music, and this trojan exploits the still widespread interest in the sapphic school uniform-wearing pop duo's personal life, in order to log computer keystrokes, hijack users' PCs and steal information," he said. "This is just one in a long line of malware that uses celebrities to entice naive computer users, and we'd urge even the most ardent t.A.T.u. admirers to resist temptation and avoid clicking on the unsolicited attachments."

Malware using pictures of celebrities is nothing new. Paris Hilton, Kate Beckinsale and Britney Spears have all been used as malware bait in other scams.