Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • Mobile
    • Networking

    Spam Spreads Storm Trojan Across Internet

    Written by

    Brian Prince
    Published August 22, 2007
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      The Storm worm continues to sweep through the Internet, this time via a new series of spam e-mails that use login account confirmation details as bait to get recipients to visit malicious Web sites.

      The TRACE (Marshal Threat Research and Content Engineering) team reported the spam e-mails appear to come from a legitimate organization and offer recipients temporary login confirmation details for a Web site. The spam uses text such as “for security purposes, please login and change the temporary Login ID and Password” and includes a link to an IP address that is actually a Web site infected with the Storm Trojan.

      “We have noticed overnight a strong up-tick in the volume of confirmation spam from 18 percent of all spam yesterday to 35 percent,” said Bradley Anstis, director of product management at United Kingdom-based Marshal, in an interview with eWEEK. “This suggests to us that many people are getting caught by it. This is not surprising since the malicious code itself seems to be morphing every 30 minutes or so, making it very difficult to detect with AV scanners…The Storm Trojan has been in circulation now since early this year and is quickly becoming one of the worst offenders of all time!”

      Click here to read more about the Storm worm.

      The Storm worm first touched down on the Web in January. Also known as Zhelatin and Nuwar, the Trojan spread through massive waves of e-mail with subject lines referencing a major storm in Europe and other current events. In the ensuing months, the group behind the malware used a variety of different kinds of spam ploys, including malicious e-cards, to propagate the worm.

      Earlier this month, Atlanta-based security firm SecureWorks reported the number of hosts launching the attack via e-mail had jumped from 2,815 in the beginning of the year through the end of May to a total of 1.7 million in June and July.

      Finnish security company F-Secure warned about the latest twist involving the Storm worm Trojan.

      “A few times over the last week weve posted on how the e-mails used by the Zhelatin/Storm gang have changed, so we werent too surprised to see them change once again,” a F-Secure researcher wrote on the companys security blog. “This time though, they look very different as they talk about you having signed up for different services such as MP3 World or Internet Dating.”

      Anstis noted the new “confirmation spam” outbreak has been launched by the same group that launched the Hot Pictures spam campaign earlier in the week. Though in the past, spam campaigns such as the greeting card campaign would last for weeks at a time, spammers are now modifying or launching new spam campaigns almost daily, he said.

      “They are trying to stay one or two steps ahead of the security companies. It typically takes a lot longer for a security company to react to a new threat than it takes for them to release,” he said. “In this case, the Storm Trojan in all its guises is getting a lot of press, e-card spam, PDF spam, etc., so users are quite well versed. They have to try new techniques so that they can continue infecting PCs and expanding their Botnets. With the malicious code they are using to infect people morphing so often and also other clever techniques like refusing to launch in virtual sessions, it is making it ever harder to track and detect.”

      Anstis advised anyone who receives a message like this from a person they do not know, or have not heard from for a long time, to delete it without opening it.

      Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.

      Brian Prince
      Brian Prince

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×