Website images contain malicious code used by hackers to spread "Christmas" worms.
According to Bkis' analysis, hackers used up to 75 domains with Christmas-related content like SuperChristmasDay.co [removed] , FunnyChristmasGuide.co [removed], ItsFatherChristmas.co [removed]. . The domains have been created by hackers over the past month to serve this distribution.
When a user is tricked into accessing the above websites, the computer will be infected with XmasStorm and hijacked. Virus creates a backdoor, receives a remote command from the hacker to continue spreading.
Bkis warns that if he receives emails of the same format, the user should not click on the link to prevent from being infected with the virus. These infected computers can download the latest version of Bkav antivirus software to kill.
According to Bkis, at the end of the year, especially on holidays like Christmas, the new year is a good time for hackers to spread viruses. Virus emails often take the form of greeting cards, promotional purchase information, gifts or opportunities to win year-end prizes to deceive users. Users must be very careful, carefully read the content of emails to see if they are true for you, if in doubt, you should absolutely not open links or attachments.