We use cookies and other similar technologies (Cookies) to enhance your experience and to provide you with relevant content and ads. By using our website, you are agreeing to the use of Cookies. You can change your settings at any time. Cookie Policy.

Twenty-Four Seven Security

Peter Schooff

Storm Worm is Double Trouble

user-pic
Vote 0 Votes

As almost every industry now seems to be doing mash-ups of different technology, you can now include spammers and cybercriminals in that group. A recent report by MessageLabs stated that recent email messages touting stocks have also come to include links to malicious code. The reasoning is, even if the stock mention fails to entice the recipient, maybe they'll still click on the link, thereby infecting their computer with malware.

In the past 10 days, MessageLabs has uncovered only 3,500 such messages, which has them wondering if the spammers are just at the testing stage of this new scam. Said Mark Sunner, chief technology officer for the company, "These activities are now much more under the radar because they are sending the messages out in discrete chunks. If you spam out (the malicious link), you have a lot of control over the resultant bot net -- you can control the size, (and) what time zone it is being sending to."

What is also interesting about the Storm Worm, also known as Zhelain and Peacomm, is that it does not spread on its own, but only by someone clicking on the link. This is another change in strategy, as by sending out worms and viruses in the form of spam, criminals can grow their bot nets at a more controllable pace (while, most importantly, remaining undetected). This is also an attempt to stymie the virus detectors by denying them the latest variations of the worm which they need to detect it elsewhere.

Leave a comment

Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

Peter Schooff

Peter Schooff is Contributing Editor at ebizQ, and manager of the ebizQ Forum. Contact him at pschooff@techtarget.com

Recently Commented On

Monthly Archives

Blogs

ADVERTISEMENT