Storm worm seeks out April fools

The infamous Storm worm has used April Fools' Day to launch its latest spam offensive.

The new attack uses email greeting cards to dupe users into downloading and launching the Trojan application.

Spam messages inform users that they have received an April Fools' greeting card. On clicking the link, the user is redirected to an all-numeric URL and a page which attempts to automatically download an executable file.

The executable contains malware which will add the user's PC to the huge Storm botnet.

The malware network uses peer-to-peer networking tactics to update the software and instruct machines within the network to perform further malicious activities.

Jose Nazario, senior security engineer at Arbor Networks, said that the attack appears to have been launched quite recently.

Nazario reported in a blog posting that the campaign "appears to have started in the past few hours, and reports indicate it was in preparation for the past 24 hours or so".

The attacks follow a familiar pattern for Storm. The operators behind the malware have been using phoney holiday greeting cards to spread the malware almost since the worm was first discovered.

Valentine's Day and New Year's Day have also been recent catalysts for Storm worm attacks.

The storm botnet has become something of a legend within the security community. Researchers have warned that its sophistication in spreading and managing infections could serve as a template for future worms.

There have also been fears that the storm botnet is being rented out to other criminal enterprises which are using its extensive network for phishing runs.

See also:

Spammers crack Gmail Captcha codes

Sharp rise in spam points to Gmail breach  11 Mar 2008

Lottery scam in sham Oxfam spam

'You've won £850,000!'  04 Mar 2008

Hybrid Trojan/worm attacks turn nasty

New worms acting in Trojan-like ways  04 Mar 2008

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!