Turkish hackers have taken advantage of an email address that appeared in The Simpsons to recruit marks onto the Kimya botnet.
Chunkylover53@aol.com was used as Homer Simpson's email address in the seminal animated series' episode The Dad Who Knew Too Little. The AOL screenname was registered by a Simpsons' writer and used to respond to email in the persona of the world's favourite donut-loving layabout (samples here).
The initial trickle of messages into the inbox quickly reached a deluge and the address became unmanageable not long after it was registered in 2003. It was therefore allowed to lapse into inactivity. But now hackers have reactivated the address to send messages to people who had added the name Chunkylover53 to their AIM buddy list.
Links in these emails lead to a site laced with malware designed to infect computers and incorporate them into the Kimya botnet, instant message security firm FaceTime reports. The tactic isn't in itself new but the plausibility of this particular ruse is much higher than normal, as given the source prospective marks are likely to be think that the 'web exclusive' episode of The Simpsons is real.
FaceTime has a complete write-up of the attack in a blog posting here. ®