Spyware, Viruses, & Security forum

General discussion

NEWS - January 19, 2007

Small.DAM spammed around

This morning we have been witnessing activities of Small.DAM being spammed

Here are the possible subjects headings:

230 dead as storm batters Europe.
A killer at 11, he's free at 21 and...
British Muslims Genocide
Naked teens attack home director.
U.S. Secretary of State Condoleezza...

Attachments may be of the following filenames:

Full Clip.exe
Full Story.exe
Read More.exe

The detection for Small.DAM was already included in our database update 2007-01-15_01.


Discussion is locked
You are posting a reply to: NEWS - January 19, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - January 19, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
'Storm Worm' rages across the globe

In reply to: NEWS - January 19, 2007

By Dawn Kawamoto
Staff Writer, CNET News.com

Published: January 19, 2007,

update The new "Storm Worm" is baiting people with timely information about a real-life, deadly front in Europe and is creating one of the larger worm attacks in recent years, security researchers said Friday.

Over an eight-hour period Thursday, the worm sent malicious e-mails across the globe to hundreds of thousands of people, who unknowingly were part of a botnet, said Mikko Hypponen, chief research officer for F-Secure. A botnet serves as an army of commandeered computers, which are used by attackers to distribute malicious payloads without their owners' knowledge.

Storm Worm carries the subject line "230 dead as storm batters Europe," Hypponen said, noting the unusual twist to the e-mail.

Read more: http://news.com.com/Storm+Worm+rages+across+the+globe/2100-7349_3-6151414.html?part=rss&tag=6151414&subj=news

Collapse -
Phishers: Click here, or eBay shuts down

In reply to: NEWS - January 19, 2007

Fiona Raisbeck Jan 19 2007 14:26
Hackers are claiming the ultra-popular auction site eBay will shut down next month in their latest attempt to extract personal information from web users.

The phishing emails say eBay will close up shop on Feb. 27 and ask members to vote on whether they think this should happen. The message claims that if 50 percent of recipients disagree with the business decision, the website will remain online, according to experts at Sophos.

By clicking on either of the voting links, the user will be directed to a malicious website aiming to steal usernames and passwords.

Read more: http://www.scmagazine.com/us/news/article/627184/phishers-click-here-ebay-shuts-down/

Collapse -
Don't fall victim to the 'Free Wi-Fi' scam

In reply to: NEWS - January 19, 2007

Those wireless connections could be a trap

January 19, 2007 (Computerworld) -- The next time you're at an airport looking for a wireless hot spot, and you see one called "Free Wi-Fi" or a similar name, beware -- you may end up being victimized by the latest hot-spot scam hitting airports across the country.

You could end up being the target of a "man in the middle" attack, in which a hacker is able to steal the information you send over the Internet, including usernames and passwords. And you could also have your files and identity stolen, end up with a spyware-infested PC and have your PC turned into a spam-spewing zombie. The attack could even leave your laptop open to hackers every time you turn it on, by allowing anyone to connect to it without your knowledge.

If you're a Windows Vista user, you're especially susceptible to this attack because of the difficulty in identifying it when using Vista. In this article, you'll learn how the attack works and how to keep yourself safe from it if you use Windows XP or Vista.

Read more: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9008399&source=rss_topic17

Collapse -
Hackers nab

In reply to: NEWS - January 19, 2007

Russian phishing gang targets Nordea customers...

By Andy McCue

Published: Friday 19 January 2007

Russian hackers have stolen

Collapse -
Storm-Worm Small.DAM Spread Quickly

In reply to: NEWS - January 19, 2007

The Small.DAM (Storm-Worm) we posted on earlier spread very fast during the night, Helsinki time. The heavy seeding through spam was quickly obvious on our tracking screens. The worm was spread throughout the world very rapidly.

Here is some footage of the worm's spread to share with our readers:


Collapse -
anti-virus coverage is poor.

In reply to: Storm-Worm Small.DAM Spread Quickly

Collapse -
Microsoft scrambles to fix flawed Excel patch

In reply to: NEWS - January 19, 2007

Many users unable to open documents

Shaun Nichols in California, vnunet.com 19 Jan 2007

Microsoft has released a fix for an Excel security patch after the initial update left users unable to open certain documents.

The error in Microsoft's MS07-002 security update affected users of the Korean, Chinese and Japanese versions of Excel 2000, preventing them from opening any files.

Read more: http://www.vnunet.com/vnunet/news/2172955/microsoft-scrambles-fix-flawed

Collapse -
Spyware maker's sick, dark humor

In reply to: NEWS - January 19, 2007

From Francesco, in our spyware research team:

Here's a screenshot from one of the sites from the "Ricercadoppia/Lowzones" spammers/hidden dialers installers.

Coprocefalo literally means ?sh*t? (copro) ?head? (cefalo) and ?zombie maker?. Iit's pretty obvious what it means, especially since their trojan infector that allows them to send spam creates the file "cefalo.exe".

In the past, this group has also been seen installing the Zango toolbar (and we suspect they may still be doing that).

Alex Eckelberry


Popular Forums

Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.