A worm called Sixem-A is spreading around, luring in victims with subject lines such as "Naked World Cup game set" and "Crazy soccer fans". Cashing in on the current World Cup, the worm attempts to disable security software in order to open the machine up to further attack. The worm, which began circulating earlier this week, has now been blocked by antivirus vendors. It has so far only been detected by a small number of companies, but is the first World Cup 2006 malware to target an English-speaking audience.
"Millions of people worldwide are following the World Cup and will be using the internet and e-mail to keep up to date with all the action," said Graham Cluley, senior technology consultant at security firm Sophos.
The worm uses the usual attack vectors. Victims are encouraged to click on an e-mail attachment, which appears to be an image. This malware, once installed, attempts to download more malware, as well as forwarding itself to other users found in the victim's address book.