As predicted, hackers tried to trick users into downloading the Storm bot Trojan Friday by unleashing a flood of Fourth of July spam bearing links to malicious sites, several security companies reported.
The spam campaign, anticipated earlier in the week by MX Logic, used messages with subject headings ranging from "Amazing firework 2008" and "Celebrating Fourth of July" to "Light up the sky" and "Spectacular fireworks show," said UK-based Sophos in an alert posted to the Web Friday.
Links in the spam led to hacker-controlled sites that trumpeted a video clip worth downloading. "Colorful Independence Day events have already started throughout the country," the malicious sites claimed. "The largest firework happens on the last weekday before the Fourth of July. Unprecedented sum of money was spent on this fabulous show. If you want to see the best Independence Day firework just click on the video and run it."
The file pitched to users was an executable: "fireworks.exe."
Users who agreed to the download didn't receive a video, but instead infected their Windows-running PCs with the Storm Trojan horse, which hijacked the system and added it to the existing collection of compromised computers making up the Storm botnet.
"You're not going to be feeling in the mood for celebrations if this malware infects your PC," said Graham Cluley, a Sophos senior technology consultant, in a statement.
Security researchers at F-Secure, the SANS Institute's Internet Storm Center (ISC) and Trend Micro also reported the Storm spam and infection attempts.
Storm's backers have regularly used holiday-themed spam to dupe users into downloading the Trojan and self-infecting their PCs. Last year, the bot was behind a massive surge in spam during July, and it has been linked to campaigns around Christmas and New Year's.
Earlier this year, Microsoft researchers said that their company's Malicious Software Removal Tool (MSRT) had beaten Storm into submission, a claim contested by third-party security experts.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Vignette Announces 2008 Excellence Awards 2008-11-21 10:50:00+11
PGP and Ponemon Institute Unveil Inaugural Australian Data Breach Study 2008 2008-11-20 17:34:00+11
Symantec Cloud Services Transform Data Centre Operations Through Proactive Management 2008-11-20 12:06:00+11
Verizon Business Offers Tips to Building a Successful Unified Communications and Collaboration Plan 2008-11-20 12:04:00+11
AARNet Brings 4K Digital Cinema to Australia: First 4K HD Video Signal delivered into Australia by AARNet 2008-11-20 12:02:00+11
Discover the advantages of an open architecture multi-vendor network solution
View this webcast and discover the drivers for changing network design practices, why many organisations are changing their approach to network architecture and how enterprises should be moving forward with open architecture multi-vendor network solutions. Register now and learn how your business can maximize the business value of the enterprise network.
Buying Guides
Latest Products
Buying Guides
