Storm Worm Poses As Phony Virus Warning

Storm Worm authors are attempting to trick the users by sending them emails alerting them about against some spyware or virus infections. So users are advised to immediately delete any e-mail in their inbox that warns that their system is under a virus attack.

It is the warning that is coming from the Internet Storm Centre after the dangerous Storm Worm changed its technique from last week's Fourth of July to this latest trick this week. But, this time, it contains an entirely different text and subject line, but the same potential infection.

As published by Informationweek.com on July 10, 2007, a handler at Internet Storm Centre (ISC), Mark Hofman, wrote in his blog that usually, they discourage the recipients from blindly clicking the links in mails. But, this time, they plan to educate the users about anti-virus practices and corporate antivirus, so that they can distinguish between legitimate and spam e-mails.

Storm Worm creators attempted to use the holiday on 4th of July to spread malware. Marshal-the security-vendor and their TRACE team had identified a new type of Greeting Cards, which invites the users to view a card that is supposedly sent by a friend. Further, it directs the user to click on the link to view the card.

After clicking on it, the user gets exposed to a replica of the Trojan in .exe file 'ecard.exe', which can infect the user's PC and can combine it in to a botnet- a network of computers that can be operated remotely by a controllable server.

The Australian Computer Emergency Research Team (AusCERT) has issued a warning on Monday (July 9, 2007) that the researchers there had found high volumes of spam trying to spread the Storm Worm.

The Australian CERT group has seen mails warning against fake virus and an older Storm Worm scam, which attracts the users with promises of fake emails.

As published by Itnews.com on July 11, 2007, the researchers of AusCERT wrote in the alert, as soon as a visitor visit the links of these emails, he/she is lured to download harmful software. This software allows has backdoor functionality which allows the hacker to fully control a system.

Related article: Storm Worm Returns with Follow-Up Attack

» SPAMfighter News - 7/24/2007