Over the past 3 months, Storm has been tirelessly bombarding the Internet. The number of spams released by this worm is unspeakably numerous and is put into giant campaigns.
According to Vinoo Thomas, an expert with security firm McAfee, during the latest distribution campaign, Storm impersonated an e-card to congratulate the US Labor Day.
" Deep senders have used tags in HTML to disguise links, so careless users will not notice ".
If you click on this hidden link, the user will be directed to a Happy Labor Day website. Here, a "destructive cocktail" will be automatically downloaded to the victim's computer.
About security impotence before Storm worm Picture 1 " They not only exploit vulnerabilities within Microsoft software but also target QuickTime and WinZip buffer overflows ," Thomas said.
Because third-party applications like WinZip are rarely updated with patches, the risk of hackers successfully exploiting the vulnerability is higher. " Users are too lazy and too much work to think about downloading the update and then patching it ."
Just that. Storm's author has shown them to be masters of malware. In order to increase the effectiveness of the attack, they not only took advantage of the US Labor Day but also distributed a series of fake emails, inside the link to watch music videos of top female singers today. like Beyonce Knowles, Kelly Clarkson and Rihanna.
Error in humans
According to Sophos, the title of these emails is usually " Very hot new video ", " Video can't be better " . Besides the beautiful women, Storm also takes advantage of the names of many rice artists. such as The Eagles, Foo Fighter and R. Kelly bands.
If you click on the video link, users will be redirected to a web page containing malicious script and Trojan code, ready to turn their computer into Zombie.
" Obviously hackers are constantly updating the current situation to deceive innocent users. They know very well what is being taken care of online, so although this technique is nothing new in technology, but users are still cheated, "said Graham Cluley, an analyst at Sophos.
The "fox" level even allows them to take a break when humanity is on the holiday and spend less time on the network.
" Beginning at 9:45 pm on Friday night last week, Storm's botnet network was suddenly quiet. They stopped distributing emails, no e-cards, no fake warnings . Nothing. However, only 13 hours. after that, the reel started again . "