12.28.2007

I don't really need to tell you this, do I?

In an attack that showcases what cyber criminals have in store for Web 2.0 next year, the individual or group behind the Storm worm is distributing new versions of the malware with the help of hijacked and newly-created Google Blogspot blogs.

The Storm worm, one of 2007's most prolific e-mail-borne Trojan horse programs, has always come wrapped in holiday-themed messages or disguised as videos from some recent high-profile news event. The latest Storm versions -- predictably spammed out as Christmas and New Year's greeting cards -- don't break with that tradition. They urge recipients to click on a link that then tries to install the Trojan through hook (unpatched Web browser vulnerabilities) or by crook (tricking the user into believing he or she needs to install some "video codec" to view the holiday message).

The twist with the new attacks is that someone has apparently planted the malicious Storm download links on hundreds of Google Blogspot pages (hat tip here to Steven Adair of the Shadowserver.org crew). A Google search for Blogspot blogs that contain links to the malicious Web sites -- "uhavepostcard.com" and "happycards2008.com" (do NOT visit these sites) -- shows plenty of Blogspot blogs that appear to be hosting links to the Storm download sites.

(Washington Post)

Don't go downloading stuff just because it pops up in your face.
