Storm Worm Entices With New Year's Spam


The Storm Worm loves the holidays. Security researchers have found that the Storm virus is ringing in the New Year with a fresh wave of attacks. This time, the notorious botnet is recruiting new members with greeting spam. Subject lines include: "A fresh New Year," "As the New Year...," "As you embrace another New Year," "Blasting New Year," "Happy 2008," "It's the new year," "Joyous new year," "New Hope and New Beginnings," "New Year Ecard," "New Year Postcard," "Opportunities for the New Year," "Happy New Year to You," "Happy New Year to (email address)," "Lots of greetings on the New Year" and "New Year Wishes for You."

The e-mails then attempt to direct users to a malicious Web site called uhavepostcard.com. A blog post by anti-virus firm F-Secure warns that while the site remains free of exploits (for now), the spam will likely be a precursor to a New Year's Eve-themed Storm attack.

This wave of New Year's spam follows closely on the heels of a widely distributed Christmas attack, which was delivered December 24 and featured a Santa Claus-themed striptease to entice users to visit merrychristmasdude.com. Subject lines for this holiday spam included: "I love this Carol," "Santa said, HO, HO, HO," "Christmas Email," "The Perfect Christmas," "Find Some Christmas Tail" and "Time for a little Christmas Cheer."

A SANS Institute blog post warned that users searching for the site on Google will see several spam blogs with this domain in the body, directing traffic to siski.cn. Upon visiting the site, users will immediately be redirected to yet another malicious Web site that will attempt to install a fake video codec, which instead appears to be a malicious PC downloader.

Security researchers recommend that individuals make use of their spam filters to block the malicious domains for both incoming e-mail and outbound Web traffic. And, as always, security professionals advise against opening e-mails from an unknown or unsolicited sender.
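One way to apply the domain blocking recommended above to incoming mail, as an added example that is not from the article or the researchers it cites: the sketch extracts link hostnames from a message's text parts and matches them, subdomains included, against the three domains the article names. The function names and the sample message are constructed for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Domains named in the article above.
BLOCKED_DOMAINS = {"uhavepostcard.com", "merrychristmasdude.com", "siski.cn"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def is_blocked(host):
    """True if host is a blocked domain or a subdomain of one.
    Matching on a label boundary keeps look-alikes such as
    'notsiski.cn' from being flagged by a plain suffix test."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BLOCKED_DOMAINS)

def blocked_links(raw_message):
    """Return the sorted blocked hostnames linked from a raw message."""
    hits = set()
    for part in message_from_string(raw_message).walk():
        if part.get_content_maintype() != "text":
            continue
        # decode=True undoes base64 / quoted-printable transfer encoding.
        data = part.get_payload(decode=True) or b""
        try:
            text = data.decode(part.get_content_charset() or "utf-8", "replace")
        except LookupError:  # unknown charset label in the header
            text = data.decode("utf-8", "replace")
        for url in URL_RE.findall(text):
            try:
                host = urlsplit(url).hostname
            except ValueError:  # malformed URL, e.g. a broken IPv6 literal
                continue
            if is_blocked(host):
                hits.add(host.lower().rstrip("."))
    return sorted(hits)

# Constructed sample message, not a captured Storm e-mail.
SAMPLE = (
    "From: sender@example.invalid\n"
    "Subject: Happy 2008\n"
    "Content-Type: text/plain; charset=utf-8\n"
    "\n"
    "Your postcard: http://uhavepostcard.com/ or http://www.SISKI.cn./x\n"
    "Unrelated: http://notuhavepostcard.com.example/\n"
)

if __name__ == "__main__":
    print(blocked_links(SAMPLE))
```

The same `is_blocked` check can be applied to the requested hostname at a Web proxy to cover outbound traffic.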