Bkis warned the Chinese 'Christmas' worm

This morning, December 25, 2008, the Polytechnic Security Center (Bkis) said it had discovered the XmasStorm worm taking advantage of Christmas to spread, hijacking the infected PC.

According to Bkis, the worm originated in China, with the speed and number of spam it launched as a storm, so they put it into the Storm Worm. Under the title 'Merry Xmas!' or ' Merry Christmas card for you! ', deep XmasStorm offers attractive' invitations' to lure users into a website to receive Christmas greeting cards.

Website images contain malicious code used by hackers to spread "Christmas" worms.

According to Bkis' analysis, hackers used up to 75 domains with Christmas-related content like SuperChristmasDay.co [removed] , FunnyChristmasGuide.co [removed], ItsFatherChristmas.co [removed]. . The domains have been created by hackers over the past month to serve this distribution.

When a user is tricked into accessing the above websites, the computer will be infected with XmasStorm and hijacked. Virus creates a backdoor, receives a remote command from the hacker to continue spreading.

Bkis warns that if he receives emails of the same format, the user should not click on the link to prevent from being infected with the virus. These infected computers can download the latest version of Bkav antivirus software to kill.

According to Bkis, at the end of the year, especially on holidays like Christmas, the new year is a good time for hackers to spread viruses. Virus emails often take the form of greeting cards, promotional purchase information, gifts or opportunities to win year-end prizes to deceive users. Users must be very careful, carefully read the content of emails to see if they are true for you, if in doubt, you should absolutely not open links or attachments.