Virus warning
Virus warning
--------------------------------------------
SCARY STORM WORM
Beef up your defences - Storm worm drives volume of email viruses on the internet upward by a factor of 20
Eschew those attachments and rev up the firewall - virus threats are set to get worse says a company specialising in monitoring and shielding computers from the ungodly.
Hackers and spammers are raising their game in 2007 with serious virus onslaughts, according to monitoring and screening company Postini. The company offers as evidence two massive, global email-borne virus attacks which took place from December 29 to December 31, 2006 and again from January 19 to January 21, 2007.
Each of these attacks was so large that they drove up the level of viruses on the internet by a factor of 20 over usual activity.
Postini says that both attacks were designed to steal personal information and hijack the recipient's computer to add to ever growing botnets – massive networks of infected personal computers used to distribute spam and virus attacks. The size and sophistication of these back to back attacks implies that spam and virus levels on the internet, which are already at all-time highs, will continue to rise as newly hijacked computers are conned into action.
The 2007 attack has become known as the Storm worm due to the original email subject line: "230 dead as storm batters Europe" which referred to a heavy winter storm occurring in Europe. This is the latest example of the attackers' sophistication and real-time capabilities, launching the attack timed to coincide with real news. The email that contained the virus frequently mutated to show dozens of different fake, sensational but believable headlines designed to evade detection and tempt readers into clicking on an attachment, thus infecting their computer. Other subjects included, "Russian missile shot down USA aircraft" and "Saddam Hussein alive!"
Those unwise enough to click on the attachment unleashed a covert virus which then sent personal information (including email addresses, financial information and even credit card details) back to the hackers behind the scam. This information could then be used for identity theft or sold on to others. Postini says the virus also provides a back-door for hackers to take control of the computer and add it to a botnet for future spam and virus attacks.
"The 2007 attack also illustrated the escalating and vicious cycle of spam and viruses being fueled by and creating botnets," said a Postini notification.
Many corporates avoided the malicious material; as the virus attack began, Postini's email protection service began blocking the worm. Over the three day period, Postini stopped more than 29 million infected messages from reaching the 36 000 businesses that it shields. On January 20, 2007, Postini blocked almost 17 million infected email messages, nearly 20 times the average daily virus volume in 2006.
Reinforcing its warning to Internet and email users to exercise extra care, Postini says that the January 2007 Storm worm follows on the heels of another email-borne virus, the Happy New Year worm, which attacked the internet in late December 2006.
The Happy New Year worm contained a subject line and an attachment exploiting the expectations of legitimate post and greeting cards from friends and families ie "You have a postcard". The infected attachment contained numerous strains of malicious code (including Tibs, Nuwar, Banwarum, and Glowa) as well as two root kits designed to hide the presence of the malicious code from anti-virus scans.
Ultimately, the goal of the Happy New Year worm was to create more zombie computers that could be added to botnets and used for additional spamming and other attacks.
Starting on December 28, 2006, internet virus volumes began to dramatically increase and email protection began blocking infected messages. At the peak of the outbreak on December 30, 2006, Postini blocked 19.5 million messages infected with the Happy New Year worm and its variants.
These two attacks were by far the largest to occur in the past 12 months. "The explosion of botnets, has changed the balance of power in terms of global communications security," said Daniel Druker, executive vice president at Postini. "As Valentine’s Day approaches, email users should continue to keep their guard up, as there are already new mutations of the Storm worm with love-related subject lines."
|
Linear Mode
