Galaxy Z Flip 4 Preorder Quest 2: Still the Best Student Internet Discounts Best 55-Inch TV Galaxy Z Fold 4 Preorder Nintendo Switch OLED Review Foldable iPhone? 41% Off 43-Inch Amazon Fire TV
Want CNET to notify you of price drops and the latest stories?
No, thank you

Naked pinups revealed as virus

Worm disguised as photos of glamour models aims to swamp Chechen separatist Web sites.

An antivirus vendor is warning people to be on the lookout for a worm disguised as nude glamour pinups, though the virus's threat level is very low.

The Maslan worm appears to be politically motivated, with infected machines intended to launch a denial-of-service attack against Web sites run by Chechen separatist supporters, antivirus firm Sophos said in an advisory Thursday.

According to Symantec, W32.Maslan.C@mm is a mass-mailing worm that opens a back door and exploits system vulnerabilities on a compromised computer. The worm also steals passwords using a keylogger. In addition, it attempts to attack a series of firewalls and antivirus settings on an infected machine.

The virus controls which e-mail addresses it spreads to, avoiding most Web mail addresses and any others that may report to antivirus or filtering companies, apparently a crude attempt to avoid detection. Panda, Sophos and Symantec have all been blacklisted by the worm, along with words such as "abuse," "privacy" and "spam," which, if they appear an e-mail address, may be an indication of an address used to report unsolicited or malicious mail.

Currently, the e-mail spreading in the wild has the subject line "123" or "12345" and an attached file called "Playgirls2.exe" or "Playgirls_2.exe," security companies said.

Sophos said the virus is timed on the first day of each month to attempt to launch a denial-of-service attack intended to swamp the targeted Web sites with Internet traffic.

Will Sturgeon of reported from London.