Storm via Independence Day Fireworks Infects Computers

According to Sophos, the Storm worm is again spreading across the US, dampening the mood for Independence Day celebrations by infecting Windows PCs.

According to the latest reports obtained from security provider, Sophos, it is warning people to watch out for an e-mail scam that is spreading widely across the US by attacking computers. The campaign, which feigns to be a video showing a display of fireworks on the occasion of American Independence Day, actually attempts to entice innocent users to hack their computers.

Describing the method of spreading malware, Security Analysts at Sophos said that the malware spreaders are using various subject lines like "Amazing Independence Day salute," "Celebrating Fourth of July," "America the Beautiful," "Happy Fourth of July," "Fabulous Independence Day firework," and "God Bless America."

To prove that the e-mails were scattering malware, Sophos seized a few samples of the e-mails containing subject lines - "The best firework you've ever seen", or "Amazing Independence Day salute" and found that a URL link was embedded in each of them. Thus, users who visit link are directed to a malevolent Webpage that poses to present a video displaying a firework along with a message.

According to Sophos, the message announces the start of the colorful Independence Day celebration across the country and says that the biggest firework takes place on the final workday before the 4th of July. The message, which says that unprecedented amounts of money went into this marvelous show and asks the recipient to watch firework by simply clicking on the video link and playing it.

However, on clicking the video, the user's Windows computer is prompted to download an executable file -'fireworks.exe'. Sophos has identified the file as a Trojan program Troj/Dorf-BP, which leads the user to a Storm domain that turns his PC into a spam-spewing bot.

Commenting on this latest tactic of malware writers, possibly those who wrote the Dorf malware, Graham Cluley, Senior Technology Consultant of Sophos said that while everyone enjoys fireworks, nobody would be in the state of celebrating if a malware infects his/her computer. The malware, which converts the infected computer into a bot, only aids criminals to launch spam and commit identity fraud, as reported by Webuser on July 4, 2008.

Related article: Storm Worm Returns with Follow-Up Attack

» SPAMfighter News - 7/24/2008