Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Storm Worm Becomes The Largest Trojan Horse Attack In Months


  • Please log in to reply
1 reply to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:12:38 AM

Posted 19 January 2007 - 03:28 PM

Unfortunately, this trojan horse, disguised as breaking news, coincided with one of Europe's most fercious storms. Please avoid all attachments on breaking news emails and check major news sites instead for pertinent information.

Storm Worm rages across the globe
http://articles.techrepublic.com.com/2100-...11-6151414.html

"Storm Worm," one of the larger Trojan horse attacks in recent years, is baiting people with timely information about a deadly, real-life front, security researchers said Friday. Over an eight-hour period Thursday, malicious e-mails were sent across the globe to hundreds of thousands of people, said Mikko Hypponen, chief research officer for F-Secure.

Storm Worm is already close to being as large as the bigger attacks of 2006, Hypponen said, though it's still smaller than Sasser and Slammer. People who open the attachment then unknowingly become part of a botnet. A botnet serves as an army of commandeered computers, which are later used by attackers without their owners' knowledge.


Additional Links below:

ISC: European Storm Video E-Mail
http://isc.sans.org/diary.html?storyid=2071

Storm Worm strikes computers around the world
http://www.computerworld.com/action/articl...ticleId=9008558

McAfee - DAT 4943 it out and provides protection
http://vil.nai.com/vil/content/v_141316.htm

F-Secure: Small.DAM definition
http://www.f-secure.com/v-descs/small_dam.shtml

F-Secure: Storm-Worm spreads Quickly
http://www.f-secure.com/weblog/archives/ar...7.html#00001087

EMAIL TO AVOID:

Subject:
230 dead as storm batters Europe
U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
A killer at 11, he''s free at 21 and kill again!
British Muslims Genocide

Attachment: Read More.exe, Full Clip.exe, Full Story.exe, Video.exe


BC AdBot (Login to Remove)

 


#2 harrywaldron

harrywaldron

    Security Reporter

  • Topic Starter

  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:12:38 AM

Posted 23 January 2007 - 03:22 PM

Users should continue to be cautious and not select any attachments in email from untrusted sources, as continued new waves and iterations of the Storm Worm are spammed out in large scale attacks.

New German version - GEZ_Rechnung.pdf.exe
http://www.f-secure.com/weblog/archives/ar...7.html#00001093

Storm Worm changes theme to Love related topics
http://www.f-secure.com/weblog/archives/ar...7.html#00001092

QUOTE: This evening a new wave of the Stormy worm has been widely spammed. The subjects used in the e-mails have now changed from news-related events to love-related topics as you can see from the screenshot and the list of subjects below.

Storm Worm starts to use Rootkit Techniques
http://www.f-secure.com/weblog/archives/ar...7.html#00001089

Storm Worm more Variants emerge
http://www.f-secure.com/weblog/archives/ar...7.html#00001088




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users