Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

New Storm Worm Variant Spreading

Post new topic   Reply to topic    Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts
View previous topic :: View next topic  
Author Message
Warrior Addict

Joined: 20 Dec 2004
Last Visit: 11 Oct 2016
Posts: 768
Location: Virginia, USA

PostPosted: Thu Jun 19, 2008 10:17 am    Post subject: New Storm Worm Variant Spreading Reply with quote

US-CERT has received reports of new Storm Worm related activity. The latest activity is centered around messages related to the recent earthquake in China and the upcoming Olympic Games. This Trojan is spread via an unsolicited email message that contains a link to a malicious website. This website contains a video that when opened may run the executable file "beijing.exe" to infect the user's system with malicious code.

Subject lines can change at any time, but the following subject lines are noted as being used:

* The most powerful quake hits China
* Countless victims of earthquake in China
* Death toll in China is growing
* Recent earthquake in china took a heavy toll
* Recent china earthquake kills million
* China is paralyzed by new earthquake
* Death toll in China exceeds 1000000
* A new powerful disaster in China
* A new deadly catastrophe in China
* 2008 Olympic Games are under the threat
* China's most deadly earthquake

Microsoft MVP - Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Back to top
View user's profile Send private message
Junior Member

Joined: 24 Jul 2007
Last Visit: 09 Apr 2009
Posts: 43
Location: Roanoke, Virginia

PostPosted: Tue Jul 15, 2008 10:18 am    Post subject: Reply with quote

The social engineering tactices used by the Storm worm continue to be well engineered. These deceptive messages attempt to trick folks into selecting malicious links that automatically download malware to vulnerable systems.

Storm Worm - Avoid Tabloid headlines in Spam messages

No, spammers haven’t hired a bunch of former supermarket tabloid writers. They’re just doing what they do best – exploiting human nature.

The Storm worm is the Internet's version of Broadway’s “Phantom of the Opera” -- the longest running hit show around. Storm first appeared in January 2007, teasing users with a headline about deadly storms that hit Europe -- "230 dead as storm batters Europe," it said, offering a link to a full story. Clickers found themselves infected with the Storm worm.

Storm was an immediate hit for the hackers, who managed to trick hundreds of thousands of recipients into clicking on the booby-trapped link. That enabled them to build an enormous network of hijacked computers, called a botnet, which they use to send out more spam or commit other Internet crimes.

There have been hundreds of Storm variants since the first one, sent by a loosely affiliated gang of computer criminals. Some estimates say that up to 10 million PCs have been infected with Storm at one time or another.

But in April, Microsoft updated its malicious software removal tool, much to the chagrin of the hackers. About four-fifths of the vast Storm network was cut off, said Paul Wood, a security researcher at MessageLabs.

Comprehensive list of dozens of headlines
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts All times are GMT - 8 Hours
Page 1 of 1

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group