Storm is evolving into a very complex beast.
From rbnexploit.blogspot
Obviously the Russian Business Network (RBN) is working overtime during the Christmas and New Year holiday, no doubt planning for many in the ISP security and anti-spam arena to be on skeleton staff.
There are some interesting elements concerning which make this attack innovative:
# Although much of that detected is conventional spam, however there is also a large amount of spam which is getting through many anti-spam defenses due to the use of “fake” BlogSpot (Blogger) links
# Although most have identified as the Zhelatin Storm email worm or variant, it is also as the more recent fake codec downloads, dependent upon where the unfortunate user has come from. This now shows a “polymorphic” format, i.e. the virus or exploit has the ability to alter its signature in an attempt to combat anti-virus tools.
RBN – New and Improved Storm Botnet for 2008
Source: Harry Waldron
Intertwined. Malware on Google Blogspot
Users are getting infected every day with no interaction required.
Unlike some of these Zlob\Codec sites where users are duped into
downloading something. Or the current run of Storm variants being
pushed via Blogspot for that matter.
If you have the misfortune to be infected, I suggest you seek help at one of the sites listed in the right side column under “Security Forums”.
{ 0 comments… add one now }