Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
 
Latest Comments
"lol"
on Internet filtering ineffective in fight against terror
by Tina | Jul 5, 2009 12:04 AM
 
"Good! Its very good blog the for the people who are having debit collection and credit report ..."
on Fake Microsoft anti-spyware site stealing credit card info
by identity theft lawyers | Jul 4, 2009 6:55 PM
 
"nothing"
on Ads on Facebook serving up adware
by UMAIR | Jul 4, 2009 5:54 PM
 
"Thank you "
on Search engine promises completely private surfing
by Dr. Holub | Jul 4, 2009 11:17 AM
 
"Agree that wireless hotspots are an easy way for hackers to gather information from connected ..."
on New devices make hotspots a hacker's paradise
by Patrick Hooper | Jul 3, 2009 4:06 AM
Malware

Homer Simpson accused of spreading malware

  • Email a Friend
  • Print Page
Related Articles
By Shaun Nichols
Jul 14, 2008 9:37 AM | 1 Comment
Tags: Homer | Simpson | accused | of | spreading | malware
An screen name once connected to animated TV dad Homer Simpson is being used to spread malware.
An screen name once connected to animated TV dad Homer Simpson is being used to spread malware.

In a 2003 episode of The Simpsons, writers revealed that Homer's e-mail address was chunkylover53@aol.com. Prior to the episode's airing, the address was registered by one of the show's writers, who used it to answer hundreds of e-mails from Simpsons fans.

Years later, the chunkylover53 screen name has resurfaced, and it's now being used to distribute a trojan disguised as a Simpsons movie file.

According to FaceTime malware research director Chris Boyd, chunkylover53 is sending out auto-reply messages to users which promises a special exclusive episode of the show available for download. The link in the message leads to an executable file.

Upon launching the trojan, the user is presented with a fake error message which is followed by several real error messages and, finally, a blank screen. Upon restarting, the system will run noticeable slower and be prone to crashes.

Boyd found that the malicious payload delivered by the trojan includes a rootkit and remote control software which logs the user in a botnet. The malware was traced back to Kimya, a Turkish botnet which has been infecting machines for the last four months.

The researcher told vnunet.com that it was unclear whether the malware operators have taken control of the chunkylover AOL account, or simply registered the screen name as an instant messenger account. AOL did return a request for comment on the matter.

Though the malware is currently only being spread by the chunkylover53 user name, Boys warns that the botnet itself could easily be called on to launch a much larger malware attack in the future.

"For now, this is a good reminder to be cautious when randomly adding cool things seen on TV and film to your online applications," said Boyd.

"You can't always assume the person at the other end is entirely in control, or indeed, related to what you're looking for in the first place."

Copyright © 2009 vnunet.com

 
Ads by Google
Thoughts on this article? Add a comment below.
Comments: 1
I thought Homer Simpson didn't know how to use a computer let alone send viruses :P. Ah, whoever is doing this is ruining the reputation of a great show.
SC Magazine - comments icon Posted by ChrisJul 16, 2008 9:05 AM
Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Exclusive Data Centre - Sponsored Content by Microsoft
 
Vulnerabilities & Exploits Whitepapers
 
Popular Tags
apple attack attacks beladen botnet data email facebook gumblar infected mac malware office phishing security social spam trojans twitter website