'Storm Worm' back with a twist

The Storm Worm has returned, this time hiding in benign-looking e-cards, but the level of infection may not be as severe as the last.
Written by Victoria Ho, Contributor on

The "Storm Worm" is seeing a resurgence, but unlike the first variant, which had an executable file as an e-mail attachment, the latest Trojan horse is delivered over the Web.

Unsuspecting computer users are tricked into clicking on the links in e-mails, often in the form of e-cards, and get infected when they visit Web sites with the Storm Worm.

Jim Dowling, Sophos' director of Asia sales, told ZDNet Asia in an e-mail Friday that the new campaigns have been "just as prevalent as the earlier Storm Trojan campaigns".

The antivirus company has detected some "6.3 percent of all spam in the last 48 hours [which are] related to e-card spam", Dowling added.

The United States Computer Emergency Readiness Team (US-CERT) posted a message on its Web site several days ago, warning Netizens about the Storm Worm which, it said, is "currently on the rise".

A check with Symantec confirmed the resurgence, but the company spokesperson told ZDNet Asia that it has "not registered much new activity".

One security vendor that has not given the Storm Worm a high alert ranking is McAfee. A company spokesperson said it "has not seen any reports on the Storm worm", and has rated it "low profile".

The Storm Worm first emerged in January as an executable file attachment with e-mails, and was recorded as one of the larger Trojan horse attacks in recent years.

Editorial standards