The Bagle-CM spyware worm spreads as an attachment within emails using subject lines that include:
'FREE OLYMPIC TICKETS LOTTERY!'
'2006 Winter Games in Torino'
'2006 Torino Winter Games FREE Tickets'
The virus spreading attachments use the file names that include 'Generated_bill.exe', 'Order_details.exe', and 'Service_receipt.exe'. The body of the email claims to come from a company selling tickets for the games in Turin, Italy, and even offers tickets to Olympic final events. However, if the attached file is run, the worm can steal information from the computer and allow hackers to gain remote access.
"This latest incarnation of the Bagle worm is hiding behind the flag of the Winter Olympics in an attempt to infect the unwary. But sensible precautions and a spoonful of common sense should ensure nobody is left vulnerable to their computer being struck down," said Graham Cluley, senior technology consultant for Sophos.
"Companies are best protected by automating their anti-virus protection and putting a policy in place at their email gateway to block unsolicited executable code from the outside world."
Despite its sporting camouflage, the Bagle-CM worm is not currently spreading in large numbers. Sophos has been protecting businesses against the Bagle-CM worm since 01:33 GMT on 14 February 2006.
The Bagle-CM worm also attempts to spread via P2P file-sharing systems posing as nude pictures of actress Kate Beckinsale, or erotic content related to hotel chain heiress Paris Hilton and pop starlet Britney Spears.