Storm is not gone
On this quiet Sunday, one thing definitely worth mentioning is a new Storm campaign that was spotted in our traps about an hour ago. This time the social engineering technique combines adverts for alleged pornographic content hosted on a compromised server with a fake anti-spyware software installation.
The campaign is, as usual, seeded by a large number of email messages containing a link to the compromised web server. If the link in the Storm email is followed, a fake anti-spyware warning is displayed inside the browser window. The warning looks fairly similar to the genuine Windows alert and may entice the unsuspecting user to install the ‘free’ anti-spyware repair tool.
Soon after the initial fake warning, the download of the Trojan will be attempted.
Detection of this variant seems to be quite good across the AV industry. Sophos detects this variant proactively as Mal/EncPk-DA.
Posted on June 22nd, 2008 by Vanja Svajcer, SophosLabs, UK
Filed under: Malware, Spam