Storm worm makes a comeback
News, Security Alert April 14th, 2007
Storm worm makes a comeback
Internet Storm Center has warned about the comeback of the Storm worm. Apparently, the worm is back on the web and is spreading at a very fast pace.
ISC said in a statement that the latest variant is based on the infamous Storm worm which has been troubling the administrators around the world since last year.
This new worm comes in a password-protected ZIP file and the targeted user is supplied with the password in a gif file. This makes it hard for the antivirus tools available at the user’s place to detect the worm.
Allysa Myers of McAfee Avert Labs added in a statement: “The tactic for the e-mail is to make you think you’ve been infected, and that you need to open the ZIP file to run a patch or removal tool to fix your machine.”
Ken Dunham, director of the rapid response team at VeriSign iDefense had more information: “Once executed the worm installs a rootkit on the system (wincom32.sys) and communicates over a private peer-to-peer network to update itself. It is highly likely that this latest attack will result in many more downloads, pump and dump attacks, and more as seen with former Storm Worm attacks to date.”
Related Posts
Storm Worm attacking computer users worldwide
Valentine’s Day messages could be used to deliver viruses and worms
New Worm W32.Deletemusic deletes MP3 files on the infected machine
Kama Sutra worm continues to remain a worry
yhoo32.explr: Messenger worm installs bogus web browser

About










Leave a Comment