To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/malware/0,3800003100,39165311,00.htm

Warning over 'Storm Worm' email
Lashings of malware...

By Dawn Kawamoto

Published: Friday 19 January 2007

Malware that's been dubbed the "Storm Worm" is baiting people with timely information about the recent bad weather in Europe, and is creating one of the larger worm attacks in recent years, security researchers said today.

Over an eight-hour period yesterday, the worm sent malicious emails across the globe to hundreds of thousands of people, who unknowingly were part of a botnet, said Mikko Hypponen, chief research officer for F-Secure.

Storm Worm carries the subject line "230 dead as storm batters Europe", Hypponen said, noting the unusual twist to the email.

He said: "The email was started 15 hours ago, when the storm was peaking in Central Europe. This is unusual in that it was very timely."

The attached file contains malicious code. That email, via the botnet, has quickly spread the worm.

The worm is already close to being as large as the bigger ones of 2006, Hypponen said, though it's still smaller than Sasser and Slammer.

Hypponen also noted the worm is unusual because most attacks these days tend to be smaller and targeted, as criminals seek to pilfer personal information for financial gain, rather than fame.

Other email subject lines for the worm include "US Secretary of State Condoleezza... " and "A killer at 11, he's free at 21 and... ".

Hypponen told Reuters most people would not notice the malicious software, which creates a back door to a computer that can be exploited later to steal data or to use the computer to post spam.

Dawn Kawamoto writes for CNET News.com