Computer Game Character Mario Spreads Infection
A new worm is being distributed through mass e-mails that takes advantage of people's keen interest in Nintendo's character image, Mario, according to warning by Sophos, the IT security and control company. When recipients open the e-mail, it asks them to click an attachment, which is supposed to start the games Super Mario Bros.
The message in the e-mail asks the reader to test the Mario Bross and enjoy it.
But the e-mail actually infects the user's PC with the worm Romario-A it carries while it launches a game featuring the Italian plumber, Mario. The worm not only infects unprotected PCs but also spreads via detachable drives. It also harms by automatically sending its copies to e-mail addresses stored on the affected computer. For that, it uses an e-mailing engine of its own. Finally, the worm plants itself on the Registry.
Fraudsters are always engaged in innovating new methods to exploit users' enthusiasm to trick them into opening malicious attachments or links. The revival of Nintendo in the online games market with Mario's global impression and the Wii console are factors that cyber criminals exploit to fool users, said Graham Cluley, senior technology consultant at Sophos. Absolutegadget published this on July 30, 2007.
Romario-A, the most recent malware in the series of malicious codes, poses as PC games or actually execute online games. malware authors have applied this trick several times before. Some notable worms like the W32/Bagle-U is designed to trigger the Microsoft Hearts game, the W32/Coconut-A virus that asked users to toss coconuts at a PC security expert's pictures and the Trok/Gonori-A Trojan that runs Minesweeper.
The Romario-A worm also runs on opening or launching files having extensions like COM, PIF, BAT and SCR. According to Sophos, the worm attempts to make the maximum effect by performing a routine task of running at a certain time.
In Cluley's views, these types of attacks are truly treacherous because gamers who had a taste of the game earlier could actually play it again by clicking the file, although they have no suspicion about the sinister activity behind it.
Related article: Computer Virus Writers Adopt New Strategy
» SPAMfighter News - 07-08-2007