<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Famous People Release</title> </head> <body> <div align="center"><img src="http://www.lvmail.biz/a2zfiles/d/drc/avertmnt.gif"></div> Panda Software Ranks Famous People Most Often Used to Spread Computer Viruses   A coordinated attack with four species of malware featuring an image of Michael Jackson marks a resurgence in the use of famous names to distribute malware on the Internet.   The recent distribution of a new type of malware, detected by Panda Software as Downloader.DBR, by mass mailing messages to users around the world and using a spoof story about a suicide attempt by Michael Jackson, is nothing more than a new episode in social engineering: exploiting the popularity of certain celebrities to increase the propagation of this type of threat.   The strategy used to spread this malware is actually quite complex: the message, which has been distributed manually as spam across the Internet, contains a link to web page. This page, by means of an example of malware detected by Panda Software as Phel.J, exploits a browser vulnerability to insert Inor.AK, an HTML application, on computers. This in turn provides the access needed to install Downloader.DBR on the user's computer. However the malicious chain doesn't end there. Once installed on computers, this Trojan downloads the AU variant of the Dedler worm, which actually takes the malicious action on the infected computer. This is not the first time that Michael Jackson has been used as bait to distribute this kind of threat: last November a mail was distributed supposedly containing a link to a website from which users could download a video of Jackson with a child. This video did not exist, but instead a Trojan was downloaded onto the computer. Even though it is not usual for such complex coordinated techniques to be used to install malware on computers, the names of celebrities are frequently used to distribute mails which either contain malware attached to the mail itself (often camouflaged as an image), or which contain a URL where the malware is accessed (as in this case). Trojans in themselves do not generally have the capacity to propagate (as worms do), and so this type of strategy is needed for the message to spread. At the top of this particular "celebrity virus ranking" is Britney Spears, who, according to data from PandaLabs, has been the involuntary protagonist of most attacks over the last years. Attractive female celebrities are often used for these purposes as the excuse for sending the mail is often to entice users with the promise of interesting photos. Along these lines, third and fourth respectively in the ranking come Jennifer Lopez (unfortunately associated to the famous LoveLetter) and Shakira. Porn stars are also often used for this purpose. The second person most frequently used by malware creators to distribute their works is Microsoft owner, Bill Gates, and fifth in the list is Osama Bin Laden. The latter has been the subject of e-mails claiming that he has been hung, or finally caught, and the spread of these messages increased after the Iraq war. Other famous people who have been used in this context include Anna Kournikova, who was the subject of a widespread example of malware bearing her name, Bill Clinton, Pamela Anderson, and even Alberto Fujimori, the former president of Peru. The ranking of famous people most frequently used is: Position Name <ol> <li> Britney Spears </li> <li> Bill Gates </li> <li> Jennifer Lopez </li> <li> Shakira </li> <li> Osama Bin Laden </li> <li> Michael Jackson </li> <li> Bill Clinton </li> <li> Anna Kournikova </li> <li> Paris Hilton </li> <li> Pamela Anderson </li> </ol>     To prevent infection from these and other malicious code, Panda Software advises users to keep their antivirus software updated. Panda Software customers already have the updates at their disposal to detect and disinfect this new malicious code. To help as many users as possible scan and/or disinfect their computers when necessary, Panda Software offers Panda ActiveScan, which now also detects spyware, free of charge at <a href='http://frzmail.net/080E010601145F111D1F1F1B06321400171716170119061D025C1D00150E434A4447410E4041460E400E4045474A4344420E08.aspx'>www.pandasoftware.com</a> . Webmasters who would like to include ActiveScan on their websites can get the HTML code, free of charges, at <a href='http://frzmail.net/080E010601145F111D1F1F1B06321400171716170119061D025C1D00150E434A4447410E4041460E400E404A45424441420E08.aspx'>www.pandasoftware.com/partners/webmasters</a> . Panda Software also offers users Virus Alerts, an e-bulletin in English and Spanish that gives immediate warning of the emergence of potentially dangerous malicious code. To receive Virus Alerts just visit Panda Software's website ( <a href='http://frzmail.net/080E010601145F111D1F1F1B06321400171716170119061D025C1D00150E434A4447410E4041460E400E4045474A4344420E08.aspx'>www.pandasoftware.com</a> ) and complete the corresponding form in the Virus Alerts section. For more information about these and other malicious code, visit Panda Software's Virus Encyclopedia at: <a href='http://frzmail.net/080E010601145F111D1F1F1B06321400171716170119061D025C1D00150E434A4447410E4041460E400E404A45424447410E08.aspx'>www.pandasoftware.com/virus_info/encyclopedia.</a> <table width='500' border='0' align='center' cellpadding='2' cellspacing='3'><tr><td align='center'> <div align='center'><a href='http://frzmail.net/080E010601145F111D1F1F1B06321400171716170119061D025C1D00150E434A4447410E4041460E08.aspx'><img src='http://frzmail.net/img.gif' width='531' height='80' border='0'></a> <img src='http://frzmail.net/080E010601145F111D1F1F1B06321400171716170119061D025C1D00150E434A4447410E4041460E430E420E08.aspx'> Panda Software · 230 N. Maryland Ave., Ste. 303 · Glendale, CA 91209 This e-mail message is an advertisement and/or solicitation.</td></tr></table></body> </html>