Application security

Trojan-laden storm worm making landfall in inboxes worldwide

Malware writers looking to cash in on major current events are becoming even faster in their approach after a mass real-time trojan spam attack spread across inboxes this morning as a deadly wind storm simultaneously battered Europe.

Dubbed the "Storm-Worm" by Finnish anti-virus vendor F-Secure, the malware arrives as mart of a video executable file attached to emails with storm-related subject headings, such as "230 dead as storm batters Europe."

Reports say thousands of computers have been affected. Sophos reported today that one out of every 200 emails being sent across the world contains the malware.

Researchers said that what makes these attacks particularly troublesome are their timeliness, likely preventing end users to have adequate anti-virus signatures in place.

"Nothing new to have a disaster followed up by a simple email virus claiming to be a video of the event," Johannes Ullrich, chief research officer at the SANS Institute, said today in an Internet Storm Center blog post. "However, this one came a bit faster than normal it seems. The storm is still blowing. At least, give our handler, Swa (Frantzen) some time to fix his roof."

The same malware is also being sent with different subject headings not related to the storm, such as "Naked teens attack home director" and "U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel."

"The trojan is spreading at an extremely rapid rate and overwhelming many inboxes," said Ron O'Brien, Sophos' senior security analyst.  "While users will not be affected by simply reading or receiving the email, they must be very careful not to open the attached files.  If they do accidentally open one, a trojan horse will automatically install on their computer, putting it and the network at risk."

Approximately 40 people were killed in Europe after hurricane-force winds ravaged the region Thursday. The Czech Republic, Germany, Poland, and Austria were hit the hardest.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.