Late Valentine E-cards By Storm Trojan
Latest Nuwar/Storm campaign over the weekend offering belated Valentine e-cards. The malicious e-cards contain a URL to random blogspot.com pages sporting a love theme linking to the Storm executable. The bait pages by themselves do not contain any exploits and rely solely on end-user interaction to click and install the malware. The executables being offered are “love.exe” and “withlove.exe”, both being hosted on a fast-flux domain.
This is not the first time BlogSpot.com has been abused to host malware laced pages. Zlob a.k.a Puper Trojan did that last year and also spam messages these days contain Google’s Blogger links to blogspot.com that do simple forwards to the spammer’s domain.
The weird thing about this is why would anyone launch a Valentine-themed campaign in April?
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.