Authors behind the Storm worm have switched tactics yet again. In the latest twist to the ongoing saga, emails punting the malware now contain fake links to YouTube. In reality the links direct potential victims to a malware-loaded website designed to turn vulnerable boxes into spam-spewing zombie clients. According to net …
Not social engineering experts
"The unidentified bot herders behind the campaign are experts at using social engineering to extend their army of botnet clients."
Yeah right. I received one of these emails with the subject "'dude don't send that stuff to my home email..." yesterday. It came from an address I'd never heard of so I deleted it without opening it. The thing that really made me suspicious was the subject line, after all if the mail contained links to porn or whatever it's your work email you wouldn't want it sent to, not your home email. If they were social engineering experts they'd have thought of that.
Unfortunately these types of attacks will never go away. Users will always click on links without checking the address (like the phishing links, but that's actually 2 kinds of stupidity rolled into 1).
Wetware - the weak link
MS malicious software removal tool
Why do MS not update their malicious software removal tool to disinfect this, then push it to all Windows PCs which are carrying this worm?
All the emails I get touting for phishing are ridiculously obvious, I know I'm different being an IT guy but really anyone with any sense would have certain doubts.
I reckon MS needs to have an antivirus built in as a fundamental part of the OS these days, this would stop a vast majority of issues. Either that or have a deal to have avast and spybot s&d installed automatically. The number of PCs I've fixed because of this is too many.
And yes I know they have their malicious software removal tool but even I can't tell what this actually does or if it even runs.
No people are that thick.
In my experience of some people (Local Government being the worst) are that stupid. I had one bloke the other day that got a phishing email and filled in all his bank details.
It really wouldn't surprise me that at least 10% of people that get the email open it and go to website.
I guess I must have seen the earliest of this 'latest generation' - I saw several of them early last week.
Went to the link on one just for a laugh... pretty usual stuff: To view this highly (humorous (sic)/interesting/explicit) video, you need to install the Microsoft Video plugin, which you can download...... you get the picture...
I even downloaded the 'plugin' just to see what happened (no, I wasn't going to run it), and my antivirus got it straight away!
And the 'don't send it to my home email' is a reference to the people (usually teenagers) who share a single address between the family (yes, some people still do this for some reason) - obviously not wanting their mom to see it (that's mother to those who speak real English).
@ Dave Murray
"The thing that really made me suspicious was the subject line, after all if the mail contained links to porn or whatever it's your work email you wouldn't want it sent to, not your home email. If they were social engineering experts they'd have thought of that."
Haha - you think like that because you're single.
Marlon: "I reckon MS needs to have an antivirus built in as a fundamental part of the OS these days..."
In fact, MS has a "pro-virus" built in as a fundamental part of the OS. I can't be bothered to run down the details, but a cursory reading of the entrails indicates that Windows design is -- and always has been -- seriously flawed at its deepest levels. From day one, Windows has had a design that is simply impossible to secure, and in fact caters to viruses, rootkits, etc.
Corporate culture being what it is, MS is both unable and unwilling to figure out a new approach that offers real security. "This is the way we do things around here..." Sometimes I wonder if the real issue is an ego one: the powers that be at MS just can't bear the thought that their own brainchildren don't cut the mustard.
The design may have been okay in pre-net days, but not now.
Hence zombies, botnets, and all the rest of the interesting web phenomena we see these days.
Had a load of those earlier this week.
The format has changed. Up to then, my non-HTML mail client showed the numeric IP address. These didn't. All I saw was a clearly genuine link to Youtube, but one that didn't have a video.
I wonder what the next variant will be. It's a bit overdue.
"malicious software removal...."
RE: Microsoft malicious software removal
Does anybody know what this program actually does?
It seems to me like it ought to be out there removing this worm left right and center but apparently not. In fact I don't think I've ever seen it actually do anything at all.
I ran the Malicious Software Removal Tool...
...and now Windows is gone!
Anyhow, the VXers are once again demonstrating that no one ever failed in business by underestimating the intelligence of the average punter.
"I know I'm different being an IT guy but really anyone with any sense would have certain doubts."
If users had more sense, we'd be out of a job.
"To most users the links will appear legitimate..."
That's the problem : _most_ users are obviously idiots. As for me, the friends I have know how to spell, and don't call me "dude" or use "LMAO", "ROFL" or "OMG". My friends actually write to me, and they don't make grammar mistakes like "your crazy man", which doesn't have a shred of sense.
Some day we might get proper grammar checkers on mail filters. I'm sure that would weed out 99% of the filth I get. And as a bonus, it would also force the young whippersnappers to actually think about how they write, otherwise their mail would never get through. Ah, the dreams . . the dreams . .
I'm so sick of this fucking worm
"Anyhow, the VXers are once again demonstrating that no one ever failed in business by underestimating the intelligence of the average punter."
Too right, and maybe we will some day find out what the hell they need with the mother of all botnets. They have to have a couple million now; what are they doing with it? If they do something really evil, will it then mean that we will get mandatory testing for a license to use the internet? Anyone caught being this stupid has their computer taken away and buried, and they get a piece of flesh removed in a sensitive place with no anesthesia. I think I will turn this thing off for a couple of weeks and get drunk, and when I come back this worm better be gone.