A new wave of attacks has originated from the Storm worm, with the theme this time being "love".
Emails with links to a bait Web site hosting the malware are being sent out in bulk numbers for the last three days, warned MicroWorld, a security firm.
The subject lines of these emails are as mushy as they come; i.e. Eternity of your love, I love you soo much, Falling in love with you, For you my love, Our journey, Our love nest, Memories of you, and A kiss so gentle.
The mails come with a Pink heart, and typically read: "Your download should begin shortly. If your download does not start in 10-20 seconds, you can click here to launch the download, and then press run. Enjoy!"
On clicking on these messages, a file named withlove.exe or with_love.exe -- carrying malware named 'Zhelatin.sg' -- is downloaded onto your PC.
'Zhelatin.sg' then drops another file named 'burito.ini', stops antivirus from running on the PC, and activates a range of ports to connect to peer-to-peer (P2P) networks. It then starts sending out spam and such other stuff the remote attacker may want to send out from the infected PC.
According to Govind Rammurthy, chief executive officer of MicroWorld, this is a new roll-out from the ill famed 'Storm' factory with some changes in code and a new spreading theme. Besides, going by initial volumes alone, the attack seems to be fairly large.
Also the malware seems capable of giving a hard time to a couple of security solutions because of the sheer speed with which new variants are being dished out, not to mention the numerous places where these threats can be hosted.
"The subject lines of these emails are as mushy as they come; i.e. Eternity of your love, I love you soo much, Falling in love with you, For you my love, Our journey, Our love nest, Memories of you, and A kiss so gentle."
Thanks for giving information. Now everybody can take care of these messages in this season because valentine day is coming.
by Computer Suppor
from New York
on 22/01/08 11:59 AM
Email
Print
