Sophos

Download Windows 7 security - A great leap forward or business as usual?

« Kraken: a giant squid or a wet squib? Excel exploit squashed by BOPS »

Unsubtle Storm

Today’s new wave of Storm-related spam continues the love-based theme they started to use recently (subjects include “Somebody loves you”, “I Wanna Be With You” and “I belong to you”, message bodies proclaim “My heart was stolen”, “For you…Sweetheart!”, “Fallen for you” … and the usual variations on a theme).

This time if you follow the link you get a page that looks like this:

StormCodec

The download points to an executable called StormCodec.exe or StormCodec8.exe, depending on whether you click the link in the text or in the image, but both were detected proactively as Troj/Dorf-BA.

The interesting thing is that the author is almost taunting users by using the common name for his malware. “You have no Storm Codec on your PC.” … no, and we hope to keep it that way.

Posted on April 8th, 2008 by Richard Cohen, SophosLabs Canada
Filed under: Malware, Spam

Email this story to a friend   Digg   Reddit   Technorati   Slashdot   Facebook   Twitter   NewsVine   MySpace   Google   Live   Mixx   del.icio.us   StumbleUpon  

Download Windows 7 security - A great leap forward or business as usual?

Related posts