Application security

Two new World Cup worms appear

Two new email worms are exploiting interest in the World Cup to attack computers and turn them into part of a botnet.

The Sixem-A worm spreads using a variety of disguises, including subject lines such as "Naked World Cup game set," "Soccer fans killed five teens" and "Crazy soccer fans," to try and dupe unsuspecting users into clicking on a malicious attachment. Another worm, W32.Worm.Zade.A, is a new mass emailing worm that sends itself out as an World Cup-themed email, it also attempts to take control of a user's computer.

One of the messages sent by the Sixem worm reads as follows:

"Nudists are organizing their own tribute to the world cup by staging their own nude soccer game, though it is not clear how the teams will tell each other apart. Good photos ;)."

Other messages, some of which claim to come from the CNN news organization, can include:

"Soccer fans killed five teens, watch what they make on photos. Please report on this all who know."

If the attached file is run, it attempts to disable security software on the infected computer and then spread itself to other email addresses.

"This worm exploits the public's interest in the World Cup to infect business users. While some recipients might find nude football an attractive prospect, this is one worm you don't want to catch sight of, as you'll be playing straight into the hands of hackers," said Graham Cluley, senior technology consultant at Sophos. "It is very likely that more internet criminals will take advantage of users' football fever as the tournament heats up - people need to wise up to security threats, or risk scoring an own goal."

Another worm, W32.Worm.Zade.A, is a new mass emailing worm that sends itself out as a World Cup themed message. Once a machine is infected with it, it also attempts to download and execute a file from a remote server and terminate anti-virus and personal firewall software.

“It seems there is no level a hacker won’t sink to exploit the good nature of the World Cup fans,” said James Rendell, senior technology specialist at Internet Security Systems. “It was only time before we started seeing hackers taking advantage of the fun and festive time people are having around the World Cup. Yet, we suspect that this is only the start of things to come from hackers.”

“In this time of football frenzy, we urge all computer users not to open any suspect emails and attachments and get caught off side,” said Rendell.

Recent research by McAfee found that fans of the Angolan national team are most likely to be targeted by spam and spyware than other soccer fans. Fans of Brazil and Portugal were also highly targeted.

Numerous studies have also shown the World Cup to have a significant negative effect on employee productivity and bandwith use.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.