Spam shot of 'Storm Trojan' reaches record proportions

A massive spam outbreak that tries to trick recipients into opening a file attachment that can hijack their computers has already broken records, security companies said Thursday.

Other stories on this topic
Consumer alert: Massive virus outbreak 4/13/2007
Postini upgrades hosted security services 4/3/2007
The botnets are coming! 2/6/2007
Powered by Inform
RSS feed

According to researchers at Postini, the spam run is the largest in the last 12 months, and more than three times the volume of the two biggest in recent memory: a pair of blasts in December and January. "We're seeing 50 to 60 times the normal volume of spam," said Adam Swidler, senior manager of solutions marketing at Postini.

Arriving with subject headings touting Worm Alert!, Worm Detected, Spyware Detected!, Virus Activity Detected!, the spam carries a ZIP file attachment posing as a patch necessary to ward off the bogus attack. The ZIP file, which is password protected -- the password is included in the message to further dupe recipients -- actually contains a variant of the "Storm Trojan" worm, which installs a rootkit to cloak itself, disables security software, steals confidential information from the PC, and adds it to a bot army of compromised computers.

Irony, it seems, isn't lost on the attackers. "This is really a self-fulfilling prophecy," said Swidler, "by warning users about a worm attack to get them to click on a worm."

There's little funny about the attack. "We're seeing both a very high volume of spam and a self-replicating worm," said Swidler. "This combination is kind of sophisticated. It's technically sophisticated in how they package the payload, but also in how they're trying to fool users into clicking on the attachment."

The malicious spam, Swidler went on, tries to convince users that their computers are already infected with malware, and now part of a botnet. "They're telling people that their e-mail access is about to be cut off, and that they have to install this patch to continue using [e-mail]."

Postini has already counted nearly 5 million copies of the spam in the last 24 hours, and calculated that the run currently accounts for 87% of all malware being spread through e-mail. Spam rates have jumped as well; Postini said 79% of all e-mail is now spam, while rival MessageLabs reported a 13% jump in spam's slice of all messages in just one hour.   

1 | 2 |  Next >

For more enterprise computing news, visit Computerworld. Story copyright Computerworld, Inc.
Recent News:
· Feds draw a bead on Russian behind Mega-D botnet
· Ransomware Attack Resurfaces to Hold Files Hostage
· Adobe Reader X Makes PDF Files Safer
· PayPal Users Beware of Holiday Phishing Scam
· McAfee Reports Malware at All-Time High
Site Map | Recent News | Related Sites

Copyright © 2006 EmailSafety.net - All Rights Reserved.