This “storm worm”, as it’s being referred to colloquially, is quite nasty, and there is activity out there on this one. Also, F-Secure has reported that it has started using rootkit technology.

Using email as an infection vector, it uses current events in the subject line, as F-Secure describes:

  • Russian missle shot down Chinese satellite
  • Russian missle shot down USA aircraft
  • Russian missle shot down USA satellite
  • Chinese missile shot down USA aircraft
  • Chinese missile shot down USA satellite
  • Sadam Hussein alive!
  • Sadam Hussein safe and sound!
  • Radical Muslim drinking enemies’ blood.
  • U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
  • U.S. Southwest braces for another winter blast. More then 1000 people are dead.
  • Venezuelan leader: “Let’s the War beginning”.
  • Fidel Castro dead.
  • Hugo Chavez dead.

And the attachment names are:

  • Video.exe
  • Full Video.exe
  • Read More.exe
  • Full Text.exe
  • Full Clip.exe

There are other .exes it will use. These types of attachments are always a security risk, and blocking them is just a fine idea.

Alex Eckelberry
(Hat tip to Ferg)
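
The attachment blocking recommended above, sketched as a mail-filter check. This is an added example and not part of the original post. Because the worm rotates file names, it matches on the extension instead of the listed names. The blocklist beyond `.exe`, the function names and the sample messages are assumptions constructed for illustration.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: a site-chosen blocklist; the post itself only names .exe.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}

def is_blocked_name(filename):
    """True if the final extension of an attachment name is blocklisted."""
    # Windows ignores trailing dots and spaces, so "Video.exe. " opens as
    # Video.exe; normalise before reading the extension.
    normalized = filename.strip().rstrip(". ").lower()
    # splitext returns only the last extension, so "Full Text.txt.exe"
    # is judged on ".exe", not on the harmless-looking ".txt".
    return os.path.splitext(normalized)[1] in BLOCKED_EXTENSIONS

def blocked_attachments(raw_message):
    """Return the names of all MIME parts that should be rejected."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():  # also descends into nested multiparts
        name = part.get_filename()  # decodes RFC 2231 encoded names
        if name and is_blocked_name(name):
            hits.append(name)
    return hits

def build_sample(subject, filenames):
    """Build a constructed test message with placeholder attachment bytes."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.com"
    m["Subject"] = subject
    m.set_content("See attached.")
    for fn in filenames:
        m.add_attachment(b"constructed placeholder bytes",
                         maintype="application", subtype="octet-stream",
                         filename=fn)
    return m.as_bytes()

if __name__ == "__main__":
    samples = [
        build_sample("Fidel Castro dead.", ["Full Video.exe"]),
        build_sample("Meeting notes", ["notes.pdf", "Full Text.txt.exe"]),
        build_sample("Minutes", ["minutes.pdf"]),
    ]
    for raw in samples:
        hits = blocked_attachments(raw)
        print("REJECT" if hits else "ACCEPT", hits)
```
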