Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

‘Storm’ Spam Using Halloween Theme is Latest Social Engineering

Web users have been cautioned that spam mails on Halloween themes and carrying the malicious Storm Trojan are circulating.

The Marshal Trace team of experts has detected a surge of Halloween-themed spam messages that offer a Website where recipients could go and download software that falsely claims to create an image of a 'dancing skeleton' for the computer user's desktop.

But on visiting the Website, users get exposed to vulnerabilities and a malicious file called "Halloween.exe". The executable file is actually a carrier of the Storm Trojan that takes control of the user's computer to add it to a botnet - an army of compromised PCs that obeys the command of a remotely controlling server.

This spam is the latest improvisation of the e-card spam scam, also referred to as Storm, said Senior Technology Consultant, Graham Cluley, at Sophos. Webuser published this on October 31, 2007. The Trojan that is already scattered widely is capable of seducing more users with the jazzy Vengaboys soundtrack.

The gang of criminals responsible for the malware has cleverly chosen disguises on catchy topics and crafted enticing e-mails difficult to resist, Cluley added.

The malicious e-mails show different types of subject lines such as 'Happy Halloween, Dancing Bones', 'Show this to the kids', 'Man this rocks', 'The most amazing dancing skeleton' and 'Send this to your friends'.

The Storm-created botnet has been dangerously controlling lakhs of PCs. According to the Marshal Trace Team's estimates, the Storm botnet alone sends out as much as 20% of the entire current spam.

Today's Storm Trojan that uses Halloween to lure unwary users is the most recent variety of social engineering tactics popular with Internet criminals, Vice President of products, Bradley Anstis, at Marshal said. Darkreading published this in news on October 31, 2007. Previously, the Storm campaigns took advantage of current events like the NFL sports and the US Independence Day. It is quite possible that the Halloween-themed spam would lure an even wider audience, beyond United States even, Anstis reflected.

The notorious Storm Trojan made its debut in January 2007 and quickly became successful by making headlines on current affairs.

Related article: “Loopholes did not cause online banking thefts”: ICBC

» SPAMfighter News - 17-11-2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next