'Free porn' worm turns nasty

A worm discovered earlier this week is hijacking web browsers and internet chat clients with promises of free porn.

Although the potential threat posed by the worm is low, antivirus companies have warned that its multiple methods of propagation could make it a nuisance.

Known variously as Aphex or Aplore, the mass mailing worm infects PCs using a variety of different methods.

It may arrive as a .com attachment to an email, where the subject line and message body are left blank. If the file is executed it drops a Visual Basic script, which it uses to email itself to all addresses in the Outlook address book.

The worm also sets up a web server on the infected machine which listens for connections on port 8180 and drops a file, index.html, which acts as an infected homepage for the server.

The worm then connects to an IRC server and sends a message to users of a particular channel offering 'free porn'.

The link back to the naughty goodies references the victim's infected machine which, in turn, infects anyone who visits the link by tricking them into downloading an infected browser plug-in.

News source: vnunet

View: Virus Info - w32.aphex@mm.html

Previous Story
Microsoft to continue Mac support
Next Story
Microsoft douses Office NGO flash