Storm worm celebrates first birthday with love

Storm worm celebrates first birthday with love

Summary: The anniversary week of the first Storm worm attack brought more variants, one of which launches an early Valentine Day attack.

SHARE:

The anniversary week of the first Storm worm attack brought more variants, one of which launches an early Valentine Day attack.

The social-engineering technique attempts to trick users into clicking on a link in a "Valentine's Day" e-mail, according to Sophos.

"The body of the e-mail contains a link to an IP-address based Web site, which is actually one of the many compromised PCs in the Storm botnet," said Sophos. "The Web site displays a large red heart, while installing malware onto the vistors' PC."

Symantec researcher Hon Lau said that a spam run attempting to exploit St Valentine's Day was perhaps premature.

"I don't know about you, but I feel that this campaign has started a little bit too early," wrote Hon in a blog post. "Maybe the Peacomm creators feel that they need a head start this time, since they started a bit late on their Christmas 2007 campaign. After all they don't want to miss the boat when it comes to gathering more bots for their network."

The most recent attacks are using variants of malicious code known as Troj/Dorf-AP by Sophos and Trojan.Peacomm.D by Symantec.

The original Storm worm code, so named because the first spam run coincided with a severe winter storm in Europe, will reach its first anniversary on 19 January.

Topics: Collaboration, Banking, Malware, Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion