Chunky lover spreads malware Simpsons-style


15 Jul 2008

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Forget Web 2.0 – this is Web 2.D’oh! A sneaky hacker is going by the username ‘chunkylover53’ – formerly Homer Simpson’s email in a 2003 episode of The Simpsons – to trick people into downloading malicious software onto their computer.

Before this episode of The Simpsons was aired, one of The Simpsonswriters pre-empted the possibility of someone using the ‘chunkylover@aol.com’ email address and registered it himself. However, this hacker is using the address on instant messaging facility AIM instead, where fellow users assume it is legitimate.

Many AIM users have already added chunkylover53 to their buddy list and through this account messages are being sent out offering exclusive Simpsons episodes for download, which are is in fact an executable malware file named ‘kimya.exe’ that infects the user’s computer.

The Trojan horse malware then gains unauthorised access and adds the user’s computer to a botnet or part of a collection of what is known as zombie computers, which do the bidding of the master bot, so to speak.

According to vnunet.com the malware was traced back to Turkey where a botnet has been spreading ‘kimya.exe’ for the past four months.

Christpher Boyd from Facetime Security Lab’s official blog said once the executable file is downloaded and installed the computer will crash.

“From this point on the PC will likely need a reboot and will be sluggish until cleaned up, constantly throwing out error messages, crashing when attempting to open Windows Explorer etc,” he explained.

Boyd said FaceTime Security Labs has reported all links related to this attack and at least two of the files claiming to be “exclusive TheSimpsons episodes” are currently offline.

By Marie Boran