Mass-spammed Valentine's Day worm attack underway

Share this article:

A virus posing as a Valentine's Day message has been spammed to email recipients in a global campaign.

The Dref-AB worm attaches itself to emails with subject lines including "Be My Valentine" and "Happy Valentines Day," in an attempt to entice users into clicking on a malicious attachment, which activates the virus.

The worm is designed to download further malicious code onto the user’s computer, allowing hackers to take control of the machine and create a botnet, according to researchers.

Researchers warned earlier this week that attackers would try to take advantage of Valentine's Day by using social engineering techniques to get PC users to download malware.

The worm is attached to the email in executable files, including flash postcard.exe and greeting card.exe, and has accounted for more than three-quarters of all malware detected by anti-virus vendor Sophos since Tuesday evening.

"This new attack is spreading hard and fast across the net. Cynical hackers are using the theme of Valentine’s Day to conquer innocent people’s computers and use them for their own money-making purposes," said Graham Cluley, senior technology consultant at Sophos. "No one should be blinded by the excitement of today into opening unsolicited attachments or clicking on links to unknown websites, as you could be falling deep into a hacker’s trap."

Meanwhile, researchers at F-Secure spotted trojans in Valentine’s Day greetings posing as the Macromedia Flash Player. The Finnish anti-virus vendor has identified the two trojans as Valenavir.A and Bzub.HZ.

Randy Abrams, director of technical education at ESET, said this week that the "mushy emails" sent around Valentine’s Day are an easy lure for naïve email users. A quick reply message to the sender can clear up confusion, he said.

"Does this mean you can never trust an attachment? No, what this means is that generally it is a very good idea to ask the sender if they meant to send you an attachment before you open it. You can pick up the phone, send a text message or email the sender, but verify the source before you open it," he said. "If you don’t verify the source, you must be very certain that the attachment was deliberately sent by the person you believe sent it."

Click here to email Online Editor Frank Washkuch Jr.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.