Microsoft
Here are some of the key reasons why you would want to run Unified Access Gateway with DirectAccess.
'Storm' Trojan horse taps into YouTube fever
Hackers have changed their tactics again
August 27, 2007 12:00 PM ETComputerworld - Hackers bent on spreading the Storm Trojan horse have changed tactics again and are now trying to dupe users into clicking on links posing as YouTube videos, security vendors warn.
Storm, a.k.a. Peacomm and Nuwar, is now spreading via e-mail that includes a link that appears to be to a YouTube video, said Johannes Ullrich, chief research officer at the SANS Institute, on the Internet Storm Center's blog this weekend. "The link looks like a link to YouTube, but actually points to a 'numeric' URL like old Storm variants," said Ullrich.
Placing the mouse cursor atop the bogus YouTube link will show a numeric IP address rather than the expected www.youtube.com, a good indicator of a scam attempt.
Recipients who click on the link see a message that claims the video is loading in the background, said Vinoo Thomas, a researcher at McAfee Inc.'s Avert Labs. Actually, said Thomas, "an embedded obfuscated JavaScript routine attempts a cocktail of browser and application exploits." If any of those exploits are successful, Storm gets dropped on the PC.
Over the weekend, Roger Thompson, a researcher at Exploit Prevention Labs Inc., identified the multistrike exploit package as "Q406 Rollup," a collection that has made the rounds since late last year. Similar to other hacker kits such as Mpack, Q406 includes a dozen or more exploits.
Storm's markers have become well-known for their skill at adapting their pitches to get users to open attached files or click on e-mailed links. Last week, a Symantec Corp. researcher said the group was "very adept" at creating persuasive messages. "They have a knack for latching on to the latest newsworthy events and capitalizing on the public interest in them," said Hon Lu. "And if no newsworthy events are happening at the time, then they will just make them up."
The Storm Trojan horse reportedly behind the summer's plague of malicious greeting card spam, and the machines it has infected -- by some accounts a massive botnet -- served as the launching pad for a huge wave of pump-and-dump stock scam spam earlier this month.
Read more about security in Computerworld's Security Knowledge Center.
Storm
Additional Resources
Microsoft
Review how one energy firm tightened protection and simplified IT work using business-ready security solutions.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.
Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.
Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.
White Papers & Webcasts
The Tangled Web: Silent Threats & Invisible Enemies
Download Now
Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.
Best Practices for Log Monitoring
Watch Now!
US Military Command Prevents Zero Day Attack with Application Whitelisting
Download this Whitepaper Today!
Data in Action: Making the Planet Smarter
Register Now
Employee Web Use and Misuse
Download this new White Paper today!
The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.
Get More from Your IT Budget
Download this new white paper today!
Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!
Computerworld Reports
Sign up to receive updates on the latest Security resources
