Storm malware shapes up as worst 'weather' in years
Symantec: Web hasn't seen an infection like this since 2005's Sober.O
IDG News Service - Malicious software that was sent out in millions of spam messages over the weekend has now infected about 300,000 computers, making it the worst malware outbreak since 2005, Symantec Corp. said Monday.
The so calledStorm Worm e-mail messages first started appearing last Wednesday, advertising attached news reports on topics like "230 Dead as storm batters Europe," or "U.S. Secretary of Sate Condoleeza Rice has kicked German Chancellor."
The attachments have names such as "Full Story.exe" or "Full Video.exe." Once they are launched, these files install malicious software that then waits to receive further instructions over the Internet.
The malware is not actually a worm, however, and infected PCs do not immediately start spreading the software to other computers. Instead, Storm has been spreading more rapidly over the past few days as its creators have pumped out more and more malicious e-mail messages.
"Over the weekend, it really kicked into high gear," said Patrick Martin, senior product manager with Symantec Security Response.
The last time malicious software spread this quickly was in May 2005, when the Sober.O mass-mailing worm affected a similar number of systems, Martin said.
The latest versions of the worm include similarly provocative news headlines and malicious attachments, but the criminals have added a twist over the past few days: the text of the e-mail messages now contains glowing reviews of penny stocks, apparently designed to fuel "pump and dump" stock scams.
Some of the e-mail messages have also been changed to prey on the romantic, security vendor F-Secure Corp. warned. Recent versions of these Trojan e-mails have contained subject lines such as "A Bouquet of Love," "A Day in Bed Coupon," or "A Monkey Rose for You."
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts