CyberInsecure.com

Daily cyber threats and internet security news alerts
April 7th, 2008

Late Valentine E-cards By Storm Trojan

Latest Nuwar/Storm campaign over the weekend offering belated Valentine e-cards. The malicious e-cards contain a URL to random blogspot.com pages sporting a love theme linking to the Storm executable. The bait pages by themselves do not contain any exploits and rely solely on end-user interaction to click and install the malware. The executables being offered are “love.exe” and “withlove.exe”, both being hosted on a fast-flux domain.

This is not the first time BlogSpot.com has been abused to host malware laced pages. Zlob a.k.a Puper Trojan did that last year and also spam messages these days contain Google’s Blogger links to blogspot.com that do simple forwards to the spammer’s domain.

The weird thing about this is why would anyone launch a Valentine-themed campaign in April?

Email, Bookmark or Share:
  • E-mail this story to a friend!
  • Digg
  • del.icio.us
  • StumbleUpon
  • Reddit
  • Technorati
  • Slashdot
  • Propeller
  • Google
  • Live
  • YahooMyWeb
  • Facebook
  • LinkedIn
More on CyberInsecure:
  • Storm Trojan April Fools Day Edition
  • Malware Posing As Youtube Codec
  • Transport For London System Failure Disabled Electronic Oyster Cards For Thousands Of Travelers
  • Storm Botnet Is Behind 20 Percent Of Internet Spam
  • New Storm Worm Spam Campaign Mentions FBI And Facebook

    • Posted in Malware, Trojans & Worms | Print This Post Print This Post

    This entry was posted on Monday, April 7th, 2008 at 2:01 pm and is filed under Malware, Trojans & Worms. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Late Valentine E-cards By Storm Trojan

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. Please leave your real email, it wont be published.

    *
    To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
    Click to hear an audio file of the anti-spam word

    « « ActiveX bugs Are Targeted In A New Attack Kit
    HP Ships Proliant Server USB Keys With Malware » »