22 June 2008
On this quiet Sunday one thing worth mentioning is definitely a new Storm campaign that was spotted in our traps about an hour ago. This time the social engineering technique combines adverts for an alleged pornographic content hosted on a compromised server with a fake anti-spyware software installation.
The campaign is, as usually, seeded by a large number of email messages containing a link to the compromised web server. If the URL link in the Storm email is followed a fake anti-spyware warning will be displayed inside the browser window. The warning looks fairly similar to the genuine Windows alert and may entice the unsuspecting user to install the ?free? anti-spyware repair tool.
Spam botnet using fake news to lure victims
Written by Shaun Nichols in San Francisco
vnunet.com, 21 Jun 2008
The Storm worm has temporarily abandoned its tactic of using recent news happenings in its spam and is instead fabricating current events.
Researchers are reporting a new round of spam messages tied to the Storm network which touch on fake, sensationalized news stories. The emails contain such headlines as 'Eiffel Tower damaged by massive earthquake' and 'Donald Trump missing, feared kidnapped.'
The bodies of the emails contain links which claim to provide further information on the story. However, the links direct to a page designed to resemble adult video site Pornotube. When users click on one of the supposed video links on the page, an executable is launched which installs the Storm malware.