Storm Worm Swipes 1.6 Million PC
No less than 1.6 million computers were attacked by the Trojan Horse that was set in motion on Friday, divulged security firm 'Symantec' on Tuesday, 23 January 2007. Besides, Windows Vista - the new OS to be launched by Microsoft next week - is also seen as being vulnerable to attacks by spammers.
'Peacomm' or the self-styled 'Storm Worm' spams are distributed with the purpose to advertise false news on "US Secretary of Sate Condoleeza Rice has kicked German Chancellor", or "230 dead as storm batters Europe".
Risk-level of the worm Peacomm was raised to Category-III threat by the security Response of the firm. The reason for listing it under this category was the speed & volume the bug is being spread over the World Wide Web. Following hysterical rise in the attacks of the new versions of the malware, it has been heaved to further higher category. The updated versions of Peacomm were noticed during the weekend. The author of the malware was seen responding to the modifications that security companies had made in protection by altering his tactics.
According to Symantec, the virus was attached with emails that feature news clips. As the user clicks to read the news it results in compromising the PC. The virus automatically connects the computer to a remote locator. And, then starts sending out spam mails in bulk. On an average, it sends out 3,500 messages per minute.
However, unlike other worms this malware didn't start spreading itself to other computer systems initially. Instead, Storm Worm started spreading itself rapidly during the last few days, with its creators pumping out more malicious messages.
"It's a long time since we've seen a Trojan spreading with such pace. This exhibits that in spite of several new techniques that the hackers and virus writers have been adopting, the old & easier technique of depending on the weakness of end-user still lets threats to disseminate at greater speed", revealed Kevin Hogan in news published by Computing. Hogan is a senior security researcher with Symantec Response.
Similar to other extensive Trojan attacks, acquiring a huge botnet seems to be the goal behind this scam too. Another reason could be increasing the collection of compromised computers to be used for sending traditional spam mails or for identity mining.
While, the Windows Server 2003 isn't vulnerable to variations of 'Peacomm' because the author has specifically kept this edition out of the code. Windows XP and Windows 2000 are at high risk.
Related article: Storm Worm Returns with Follow-Up Attack
» SPAMfighter News - 27-01-2007