After two months of inactivity, Storm is back, again taking advantage of the holidays. It comes as an attachment to the following spammed email message:
Users are redirected to the following malicious Web site once they click the link on the message shown above:
The Trend Micro Content Security Team has already blocked the Web site so that it is no longer accessible to Trend Micro customers. Users, however, are reminded still to be cautious of clicking URLs in spammed messages containing Christmas greetings as it would not be very surprising to find Storm, or other malware, there.
UPDATE: (December 25, 2007)
TrendLabs has received another sample of this Storm run (now detectd as WORM_ZHELATI.AIS), as follows:
Subject: Find Some Christmas Tail
got a sec?Winter can be cold. I bet you could use a little something to warm you up. Take 2 min out of your day. You wont regret it. 😉