From ITWire

With Valentines Day approaching, users are warned of a fresh outbreak of the Storm (Dorf) Trojan that uses romantic themes to infect the unsuspecting.

Targets will receive emails with Subject lines include “Falling In Love with You”, “Special Romance”, “You’re In My Thoughts”, “Sent with Love”, “Our Love Will Last”, “Our Love is Strong”, “Your Love Has Opened”, “You’re the One”, “A Toast My Love”, “Heavenly Love”, “Memories of You”, “Pages from My Heart”, “Eternal Love” and “A Dream is a Wish”.

The email body contains another phrase from the list of subject lines, plus a URL containing a numeric IP address pointing to a computer that has already become part of the botnet. If the recipient clicks on the link, they are taken to a web page that displays a heart and attempts to download malware onto their PC.

The attack is launched by an organised gang to steal access to PCs for criminal purposes.

PC Tools’ chief threat officer Kurt Baumgartner said a similar campaign occurred last year. “Interestingly, we witnessed a variant of the worm dropping files like burito.ini and burito5e84-1216.sys before killing anti-virus products and adding the victim’s computer to its botnet,” he said.

The malware ini file maintains a list of p2p peer information for maintaining communication throughout the botnet, while the sys file is a driver that injects code deep into the operating system.

Users must ensure that their Anti Spyware and Anti Virus software is kept up to date to ensure they are protected from malware. Most importantly, do not open email from people you don’t know and, if you do open the email – DON’T CLICK ON THE LINKS in the email.

Popularity: 76% [?]

| This entry was posted on Thursday, January 17th, 2008 at 10:19 am and is filed under PC Security, Social Engineering, Trojans. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.