Storm Worm Starts Afresh
E-mail with multi-pronged virus is sweeping across the Internet these days. The virus is nicknamed 'Storm Trojan'.
The Storm Trojan becomes active if a recipient clicks on a link provided in the e-mail instead of opening an attachment. That makes it difficult to track the source, said Hoala Greevy, CEO of Pau Spam in a statement reported by Pacific Business News on July 1, 2007.
The alert further said that every system with the Storm infection has the capability to host the malware and distribute the spam, but in a particular run, only a few infected PCs would be used depending on what number of spam mails the attackers want to send and what number of web results they anticipate.
The objective of the attacker is to trick the user into downloading a Trojan. On executing it, the computer connects to a server hosting malware. According to SANS, this server has been functioning since December 2006 and it tries to install zombie program. This way, the PC gets tied to a botnet. When SANS tested the Trojan on 30 separate anti-virus solutions, only 10 of them recognized the dubious ecard.exe.
Related article: Storm Worm Returns with Follow-Up Attack
» SPAMfighter News - 11-07-2007