FierceCIOFierceCIOTechWatchFierceMobileITFierceContentManagement   FierceVoIPFierceHealthITFierceFinanceIT

Storm worm masquerades as patch, storms on

Tools
Tags
IT Security
Software Patches
Worms
hard drive

A new variant of the dreaded "Storm Worm" is hitting inboxes around the world, disguising itself as a fix for infected PCs. Users receive an email with a subject line like "Virus Activity Detected!" Upon opening the email, the user is greeted by a password-protected .zip file that contains the "fix," which is, actually--you guessed it--the virus. Upon making its home as a rootkit on the local hard drive, the virus connects to a private P2P network and downloads updates, possibly to lay the groundwork for a future attack. The virus can be a bit tricky to filter through email, as it apparently uses randomized file names, passwords and subject lines to evade detection. Just be sure that your users know well enough not to install any "patches" they receive via email.

For more on the worm:
- see this ZDnet article

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

What is 7 + 5?
To combat spam, please solve the math question above.