General discussion

Security matters: The Stration strategy

October 20, 2006

WORM_STRATION is a family of mass-mailing worms that propagate using simple, recycled e-mail messages. Stration is an old-fashioned worm. Instead of relying on new avenues for propagation, using alternative technologies, or exploiting new security holes, Stration variants target human vulnerabilities, employing social engineering to spread themselves. Subject lines used by Stration variants include the familiar "Hello," "Mail Delivery System," and "Server Report." The strategy behind Stration appears to be to release numerous variants in the wild, suggesting that Stration may be this year's MYTOB, a worm that recorded the highest rate of spawning variants in 2005.

Although the Stration worm is much less complex than its predecessors, such as NETSKY, BAGLE, MYDOOM, and SASSER, Stration can cause direct system damage through its inherent use of system and network resources for its propagation routine. A large TV station in Japan was reportedly affected by the non-availability of network resources due to heavy network traffic caused by multiple Stration infections.

Read more: http://www.integratedmar.com/flod/story.cfm?item=113

Discussion is locked
Follow
Reply to: Security matters: The Stration strategy
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Security matters: The Stration strategy
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments

CNET Forums