Sixem.A Virus Alert

PandaLabs, Panda Software's anti-malware
laboratory, is warning users of the appearance of Sixem.A, an e-mail
worm using social engineering to trick users, including subjects related
to the World Cup such as 'Naked World Cup game set'. In the message text
users are offered the chance to attend a "nudist world cup".

Sixem.A also uses other bait, such as a link to a website showing images
of football hooliganism.

The email attachment is an executable file that appears to be an image
but which actually has a double extension. This means that the real
nature of the file is not apparent to users whose systems are set to
hide the extension of known file types. Once executed, the worm connects
to a web page and tries to download the Downloader.JGP Trojan.

In addition, this new worm collects email addresses from the user's
computer which it then sends itself out to. Sixem.A also terminates a
series of processes related to antivirus software to prevent it from
being detected and neutralized. This action also makes the computer
vulnerable to further attacks.

This new worm has been detected and neutralized proactively by
TruPreventTM Technologies without having a previous identification of
it. Users of Panda Software have therefore been protected from the
outset against this new threat.

According to Luis Corrons, director of PandaLabs: "Events such as the
football World Cup force us to pay special attention to possible
security risk, as one of the most difficult factors to control is human
action. The excitement created by the World Cup combined with a bit of
cheek on the part of malware creators can be enough to produce an
effective form of spreading malware. Users are advised to be wary of any
email from unknown sources and to take precautions before downloading
files from websites. To prevent the potentially damaging effects of this
kind of malware users should make sure they have an up-to-date antivirus
with technologies capable of detecting new threats."