Following a recent advisory from CERT that virus writers are concentrating on home users, Sophos has detected a new virus that displays those virus traits such as opening IRC channels to await further instructions from the attacker. W32/Cult-A is a worm and backdoor Trojan that arrives in an email pretending to be an eCard from BlueMountain.com with a pdf attachment. It spreads by emailing itself to random addresses and by sharing files over the KaZaA peer-to-peer network. If a recipient launches the attachment, the worm displays a false error message with the text “The instruction at 0x776456de referenced memory at 0x6235525g3. The memory could not be read Click on OK to terminate the application”. Full Story