SpySentinel

Hackers use Britney photo spam as ANI exploit bait
By Stephen Withers
Thursday, 05 April 2007

Security vendor Sophos says hackers are using photos of Britney Spears to lure people to compromised websites that deliver an ANI animated cursor exploit to visitors.

"The message is simple: you must patch your computers against this vulnerability now or risk infection. Hackers are exploiting people's tardiness in rolling out updates and looking to infect as many PCs as they can," said Graham Cluley, senior technology consultant for Sophos. "Microsoft issued a patch for the problem yesterday, but the hackers will continue to take advantage of the critical security loophole for as long as they can."

Promises of photos of glamourous female celebrities are frequently used as bait for unwary computer users. Images of Halle Berry, Avril Lavigne, Anna Kournikova, Julia Roberts and Angelina Jolie have all been used to spread malware, company officials said.

The problem with ANI exploits is that they install malicious code without any warning, and hundreds of web sites have been hacked to deliver these exploits to visitors, security companies say.

The exploit can also be delivered via email.

Earlier this week Microsoft released a "critical" patch protecting against this and other GDI-related exploits, but it inevitably takes time for users to install patches. Security vendors have updated their products and services to detect the spam emails and to block users from visiting web sites known to be compromised.

Microsoft has received some criticism for being slow to release the patch, which it had apparently been working on since December 2006. It was released ahead of the usual Patch Tuesday when it became apparent that exploits were becoming widespread.