Subscribe to RSS feeds


Jan15
by JM Hipolito (Technical Communications)

It’s not even Valentine’s Day yet and Storm authors are already spamming out some lovin’.

This new wave of Storm is very similar to previous fake eCard variants that feature a link in the spammed email message:

spammed email message

The link contained in the said message connects to the following page:

Clicking the heart downloads the file WITH_LOVE.EXE, which is detected by Trend Micro as WORM_NUWAR.BK.

The Storm malware shows no signs of slowing down as it nears its first anniversary on January 19th. Since its holiday run is over with Christmas and New Year now past, it’s still gearing up to make its anniversary “special” even if it has to use a holiday theme a month too early. This seems to be in keeping with how it marked the New Year, when the botnet was seen to send out New Year-themed messages on Christmas Day. It could mean that we have to keep a closer look at our social engineering calendars and anticipate Storm waves way before the appointed dates of holidays and special occasions. Because Storm seems to have made a New Year’s resolution: The early worm gets the bird.



This entry was posted on Tuesday, January 15th, 2008 at 8:31 pm and is filed under Botnet, Malware, Spam . Responses are closed, but you can trackback from your own site.



2 Responses to “Storm’s Spamming Out Some Love”

  1. Storm Worm - Gearing up for Valentines Day - Harry Waldron - Microsoft MVP Blog Says:
    January 16th, 2008 at 7:39 am

    [...] Storm Worm - Gearing up for Valentines Dayhttp://isc.sans.org/diary.html?storyid=3855http://www.avertlabs.com/research/blog/index.php/2008/01/15/from-nuwar-with-love/http://sunbeltblog.blogspot.com/2008/01/new-storm-variant-in-time-for-valentine.htmlhttp://blog.trendmicro.com/storms-spamming-out-some-love/http://blog.trendmicro.com/chasing-storm-into-2008/http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_NUWAR.BK [...]

  2. San Valentino, attenti all’ondata di spam | Consulente Informatico - Sergio Gandrus Says:
    February 12th, 2008 at 3:01 pm

    [...] Domani è San Valentino ed è la giornata dedicata alle persone che si amano. Nelle nostre caselle email, quindi, è probabile che arrivino i messaggi della persona amata (cartoline, link, foto o semplici messaggi) ma anche molto spam. Come anche Virus Bullettin consiglia, non aprite i messaggi con mittente anonimo. So che il desiderio che sia lui o lei il mittente della email è tanto ma il pericolo di trovarsi un bel virus nel computer è reale. Spesso l’oggetto del messaggio è accattivante, ancora più spesso è in inglese (’Falling In Love with You’, ‘You’re the One’ ma anche il classico ‘Ti amo’) come segnalano anche F-Secure qui, o Sophos qui e Trend Micro qui. [...]


Chasing Storm into 2008
Phishing in the World of Warcraft and Tibia


 
TrendWatch Hijack This Security Tips for Consumers
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
Glossary of Threat Terms

 
© Copyright 2008 Trend Micro Inc. All rights reserved. Legal Notice