Keep Watch for “Storm Trojan”

According to headlines on ComputerWorld yesterday, the largest spam attack in the past year is well underway.

"Arriving with subject headings touting Worm Alert!, Worm Detected, Spyware Detected!, Virus Activity Detected!, the spam carries a ZIP file attachment posing as a patch necessary to ward off the bogus attack. The ZIP file, which is password protected — the password is included in the message to further dupe recipients — actually contains a variant of the "Storm Trojan" worm, which installs a rootkit to cloak itself, disables security software, steals confidential information from the PC and adds it to a bot army of compromised computers," according to the article by Gregg Keizer.

Postini has already counted nearly 5 million copies of the spam in the last 24 hours, and calculated that the run currently accounts for 87% of all malware being spread through e-mail. Spam rates have jumped as well; Postini said 79% of all e-mail is now spam, according to Adam Swidler, senior manager of solutions marketing at Postini, who was quoted in the article.

This attack is certainly a good reminder that systems need to have anti-virus and anti-spam software installed and operating, but, perhaps even more than that, it’s a great reminder to use common sense and don’t open emails or attachments unless you know their source. 

*** This is a Security Bloggers Network syndicated blog from IT Best Practices and Compliance Reporting Information authored by abakman. Read the original post at: https://www.bakmansblog.com/2007/04/keep_watch_for_.html