Virus dresses up as a naked J-Lo
Antivirus-software maker Panda Software issued an alert on Thursday after receiving about eight reports of the virus, including one from a major aviation company. The aviation company discovered the virus before it could do any significant damage. Panda has given the virus its highest rating of potential risk, distribution and destruction.
One of Panda's competitors, Symantec, considers the virus less of a threat, saying it received only six reports of the virus on Wednesday, indicating that the virus was spreading too slowly to cause any real damage.
But the Jennifer Lopez files pose a serious threat regardless, said Steve Demogines, director of tech support at Panda. Hiding behind the fictitious photos of Lopez is the lethal Chernobyl virus, which can erase content on files and disable computers.
The other factor that makes the Lopez file dangerous, Demogines said, is that it uses a "social engineering" technique that could prove effective. The term social engineering refers to the practice of coming up with intriguing e-mail subject lines to fool the unsuspecting into opening virus-infected files.
The Lopez file's subject line reads "Where are you" and the attachment is titled JenniferLopez_Naked.JPG.VBS.
"Virus writers are still successfully using the social engineering technique to trick the unwary user," said Panda in a statement on Thursday.
The Jennifer Lopez file is the latest in a string of mass-mailing worm viruses--copycat versions of the Anna Kournikova virus, which spread across the globe in February by encouraging victims to click on a supposed picture of Russian tennis star Anna Kournikova.
The Anna virus had the ability to mail itself to a large number of Internet users but did not damage computer systems. Its main threat was that it might clog servers. The virus inside the Lopez file packs a more destructive payload.
When the W95/CIH virus is unleashed, it goes on a search-and-destroy mission, Panda said in a statement.
The virus seeks out and overwrites code on specific files on the hard disk, stripping them of their content. The virus also infects the Windows installation folder and can disable a computer by overwriting the motherboard, rendering it useless and preventing a user from booting up, said Demogines.