'Naked Wife' virus carries malicious payload
A new Trojan horse is in the wild, promising a glimpse of a naked woman in an e-mail. What it delivers is a debilitating infection that deletes files and makes computer rebooting impossible.
The new virus, NakedWife.exe or W32/Naked, infects a user's computer when an e-mail attachment is opened. The Naked Wife virus then propagates, like last month's Anna Kournikova virus, by attaching itself to all of the addresses in a Microsoft Outlook address book.
Unlike the Kournikova virus, however, Naked Wife also contains code that can erase files, which makes computer rebooting impossible.
Many antivirus software vendors classify the virus as a medium threat, although McAfee.com Corp. has deemed the virus high-risk. Most vendors have already identified the Trojan and posted a patch to block it if their current software already fails to do so. Although users in the Security Focus virus discussion group have noted the virus, there has been less response than that prompted by the Kournikova one.
Virus recipients are promised a photo of a naked woman in an e-mail attachment, and the subject line often reads, "FWD: Naked Wife." The message text says: "My wife never look [sic] like that! ;-) Best Regards," and the attachment is titled NakedWife.exe. When opened, the attachment runs what appears to be a video player to fool the recipient into thinking a picture or video is being downloaded.
According to Trend Micro Inc. in Cupertino, Calif., the virus was written in Visual Basic Script (VBS) and requires the presence of MSVBVM60.DLL in the infected computer's system directory to run.
VBS is a popular virus-writing scripting language and was used to create the I Love You and Kournikova viruses. Many viruses are contained in attachments with .exe and .vbs extensions, and users are cautioned not to open any attachments they aren't expecting, particularly from strangers. A virus writer can also easily rename the file to mask the extension so, for example, a .vbs file can appear as a .jpg file in the e-mail.
"There's no new technology being employed here -- just effective social engineering, I'm sad to say," said David Perry, global education director at Trend Micro. "Users really need to learn to think twice before clicking on attachments."