Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    November 2014
    S M T W T F S
    « Oct    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    30  
  • About Us

    I write today on behalf of Bob McArdle, who just discovered a new twist in the Storm Trojan distribution email:

    There is a new wave of the now infamous Storm Worm doing the rounds. This time the mail attempts to convince users to download a program that is currently undergoing Beta Testing. In return the helpful victim receives their own Free Edition (lucky them) and from 5 years to a lifetime of free updates.

    Oh, and their computer joins a massive P2P Botnet, and starts generating massive amounts of SPAM to help spread the worm…still no BETA software comes without the odd bug.

    Here are 2 samples of the mail:

    From:
    [REMOVED]
    To:
    [REMOVED]
    Subject:
    We need you
    Please give us a hand with our new software development Investment
    Developer

    This beta testing will help prepare us for market release. For helping
    out, you will receive a free edition and 5 years of updates.

    Simply download the software. Try it out for one week. Email us what you
    think of it. If you want to participate, just follow the link to our
    download site: http://71.233.[REMOVED].[REMOVED]/setup.exe

    From:
    [REMOVED]
    To:
    [REMOVED]
    Subject:
    Can you help us out?
    Would you consider helping us with your opinion of our new program
    Investment Developer

    This beta testing will enable us to fine tune the software for public
    release. All beta testers will receive a free copy of the final version
    and free updates for life.

    Just download the program, Check it out, and let us know your opinion.
    Ready to be a beta tester? Just follow the link to our easy download
    center: http://61.73.[REMOVED].[REMOVED]/setup.exe

    The keywords to look out for to avoid this threat are “Beta Testing” and “setup.exe”. Interestingly, if you visit the actual URL that setup.exe is being hosted on, it still displays the last generation of YouTube-related attacks. Looks like the Storm crew are getting sloppy.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice