Storm worm resurfaces

The virus has re-emerged but, rather than spreading through executable file attachments in emails, the latest attack is web-borne

The Storm worm is undergoing a resurgence but, unlike the first variant, which had an executable file as an email attachment, the latest Trojan-horse attack is delivered over the web.

Unsuspecting computer users are tricked into clicking on the links in emails, often in the form of e-cards, and get infected when they visit websites containing the Storm worm.

Jim Dowling, director of Asia sales at Sophos, said in an email on Friday that the new campaigns have been "just as prevalent as the earlier Storm Trojan campaigns".

The antivirus company has detected that "6.3 percent of all spam in the last 48 hours [is] related to e-card spam", Dowling added.

The United States Computer Emergency Readiness Team (US-CERT) posted a message on its website several days ago, warning web users about the Storm worm which, it said, is "currently on the rise".

A check with Symantec confirmed the resurgence, but the company spokesperson told said that it has "not registered much new activity".

One security vendor that has not given the Storm worm a high-alert ranking is McAfee. A company spokesperson said it "has not seen any reports on the Storm worm" and has rated it "low profile".

The Storm worm first emerged in January as an executable file attachment within emails, and was recorded as one of the larger Trojan-horse attacks of recent years.