backtop

Internet "Storm Worm" Virus Hits Computers Worldwide
Tuan Nguyen (Blog) - January 19, 2007 9:24 AM
Print E-mail del.icio.us 67 comment(s) - last by Frosen.. on Jan 25 at 12:10 AM
New virus plays on humanity concerns of email recipients

Finnish data security company F-Secure told reporters today that a computer virus called "Storm Worm" was sent to hundreds of thousands of email addresses globally. Knowing how many e-mail users do not blind-copy (BCC) their friends when sending mass e-mails, the numbers could be much higher. According to F-Secure, "Storm Worm" is spreading very quickly.

Representatives from F-Secure said "the Small.DAM (Storm-Worm) we posted on earlier spread very fast during the night, Helsinki time. The heavy seeding through spam was quickly obvious on our tracking screens. The worm was spread throughout the world very rapidly." The actual virus is called Small.DAM and at this time the origin of the virus is unknown.

F-Secure indicated that those who receive any of the following lines in the subject line of an email are likely recipients of the "Storm Worm" virus:

  • 230 dead as storm batters Europe.
  • A killer at 11, he's free at 21 and...
  • British Muslims Genocide
  • Naked teens attack home director.
  • U.S. Secretary of State Condoleezza...

The virus also comes with one the following attachments:

  • Full Clip.exe
  • Full Story.exe
  • Read More.exe
  • Video.exe

As of now, F-Secure advises that users act cautiously when working with their email, use common sense and have anti-virus measures installed. "Storm Worm" is a trojan and will allow an infected computer to be remotely controlled for malicious purposes such as a denial-of-service attack or data theft.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
Idiots?
By Spivonious on 1/19/2007 10:59:15 AM , Rating: 5
Ooh it says "read more.exe" that must be a link to a webpage. People are idiots if they think that .exe means "website". Just goes to show that some form of computer license is needed to be able to use a computer.




RE: Idiots?
By codeThug on 1/19/2007 11:30:09 AM , Rating: 5
let's see...

don't kick the dog
don't pee on an electrical fence
don't put your tongue in a light socket
.
.
.
and DON'T click on .exe's in email

hell, that's too much to remember...


RE: Idiots?
By Frosen on 1/19/2007 3:15:50 PM , Rating: 3
I get the point, but peeing on an electrical fence is just a myth. You won't get hurt at all. you're right though it's really tough to remember that exe means application, it's not like every program you've ever run had that extension. Oh wait a minute...


RE: Idiots?
By feelingshorter on 1/19/2007 6:33:41 PM , Rating: 2
The myth is true, from watching Mythbusters. Peeing on an electric fence is not a myth. You can, and do, get shocked peeing on an electric fence at close range.


RE: Idiots?
By TomZ on 1/19/2007 7:00:55 PM , Rating: 2
Voice of experience? :o)


RE: Idiots?
By Frosen on 1/25/2007 12:10:12 AM , Rating: 2
I did it. No shock. Was maybe a foot and half away. And the fence was live, we tried putting LED's on it (bad idea by the way). If you remember from the show, the circumstances they set up for someone to get a shock were such that them happening at the same time was so extrodinarly unlikely that one could say impossible. If i remeber correctly they deemed it plausiable and not confirmed.


RE: Idiots?
By Seymourbbuts on 1/19/2007 11:07:52 PM , Rating: 2
Have you not seen the CKY movies? I believe it is in the first one when Chris Raab pees on the electric fence and it shocks the crap out of him.


RE: Idiots?
By Chase Tacos on 1/22/2007 2:02:16 PM , Rating: 2
Lol CKY kicks ass. JTLYK


RE: Idiots?
By darkavatar on 1/19/2007 1:34:30 PM , Rating: 5
These days, most kids don't know what all those .exe/.jpg/.rar means since explorer hides them by default in winXP, which I think is a pretty bad idea.

(actually, I think a few of my classmates back in high school doesn't know either.....)


RE: Idiots?
By AppleMaster on 1/19/2007 3:00:12 PM , Rating: 5
quote:
(actually, I think a few of my classmates back in high school doesn't know either.....)


I think you need to go back to high school.


RE: Idiots?
By Lazarus Dark on 1/19/2007 9:53:18 PM , Rating: 2
Huh. yknow, I had never thought of that. Of course, when starting a new build of xp, one of the first things I do is enable showing file extensions. But a lot, if not most, probably dont mess with even simple things like that. How the hell do you even use a computer without seeing extentions? I can't even imagine. Maybe those mac people have a point about regular people need a dumbed down os to do everything for them.


RE: Idiots?
By Christopher1 on 1/19/2007 10:29:41 PM , Rating: 2
Well, Windows XP now ASKS you if you really want to open this program file when you open an EXE in an e-mail or even just on your desktop.

It even TELLS you that it is an application and not a web link, so anyone with half a brain who knows how to read at a KINDERGARTEN level shouldn't get zapped by this virus.


RE: Idiots?
By Wightout on 1/20/2007 3:47:01 PM , Rating: 2
Your OS and a lot of programs give you a lot of different warnings. Doesn't mean everyone reads them. Do you honestly go thru every disclaimer or waring your computer throws at you, or before you sign on to something by hitting "OK" or "Accept"?

People see an error report, or a warning box and they look for the "OK" or "Accept" button.

The problem is that these boxes come up a whole lot and thus people start ignoring them. It is the whole boy who cried wolf scenario. Not that i can think of a better way o get this done. =/

What hits people the worst is that these tend to come from friends and family. And you can trust your friends and family right? (Sarcasm =P)


RE: Idiots?
By othercents on 1/19/2007 2:07:10 PM , Rating: 1
Yes, but most viruses are written to launch when the email opens. Many times these auto launching viruses bypass some of the safety mechanisms built into Outlook. Granted if your using Hotmail or Yahoo you should be fine since they will keep you from downloading those files. However if you are a business you need to make sure that those emails are deleted before they get into an employee mailbox. Otherwise employees will just open the email which will automatically launch the virus.

Other


RE: Idiots?
By kkwst2 on 1/19/2007 5:26:44 PM , Rating: 3
AFAIK, all recent versions of Outlook will not automatically launch attachments on opening. In fact, I'm pretty sure it won't even display images automatically by default. It certainly doesn't auto-launch .exe files by default.

If you try to launch an .exe, it warns you by default.

To sum up, you're wrong [good-natured jab].


RE: Idiots?
By mindless1 on 1/19/2007 5:46:13 PM , Rating: 2
"Recent versions"? Then all we need to do is close down the company that made all the prior defective versions then refused to patch them to close this exploit.

Nobody should EVER buy a recent version of software from the same company to fix such a horrible flaw. It is an insult that any newer versions of Outlook are allowed to exist at all for profit.

Most savvy computer users know better (than to open these), but we are not talking about a savvy computer user application, we're talking about software the entire world plus dog had thrust upon them and it MUST be safe for even the old, the very young, the mentally handicapped, etc, etc, etc. In retrospect any kind of problem could be avoided, but nobody is perfect, outside of email everyone makes some kind of minor mistakes from time to time. MS should also be allowed to make mistakes, but not to leave them unpatched.


RE: Idiots?
By TomZ on 1/19/2007 5:57:33 PM , Rating: 2
Your logic is wrong. Ancient versions of software like Outlook did not know about viruses, since they were written before viruses were widespread and a threat. Since this type of security is a new software requirement and product feature, it is entirely reasonable for Microsoft to add this feature in new versions and expect customers to pay for upgrades.

Finally, I don't know of any version of Outlook that automatically executed EXE attachments, ever. If anything, the past few versions of Outlook have been particularly (overly?) proactive in that they block EXE file attachments entirely. AFAIK, there is no way for the end user to even access such an attachment type.


RE: Idiots?
By Christopher1 on 1/19/2007 10:32:15 PM , Rating: 2
I have to agree about the "viruses being a new threat" thing.

It is totally acceptable for Microsoft to want you to buy a new version of the software in order to get new protections against viruses. Viruses are a extremely new thing really, only in the past 5 years have they become a true problem.


RE: Idiots?
By mindless1 on 1/22/2007 5:30:29 AM , Rating: 2
You are arbitrarily ignoring what a virus is and how it's launched. There is no need whatsoever to classify the code as "bad", "virus", etc. There is no valid classification about what Outlook knows about. It is a more glaring glaring flaw that the email client has any option to run external code.

This is not at all a "new software requirement", you are out of your mind. Email borne viri have been around for several years, certainly before Office 95.

It is a bit of a joke that you act as though this is a NEW threat? Where in the world have you been? Obviously not using email very much. Granted a few years ago you wouldn't expect to get dozens of copies of a virus per day, but once in a while was not uncommon, and it only takes ONE to get infected, particularly if the recipient wasn't wise to the risks.

It's not just about blocking EXE, it's about ability to run external code. Lots of exploits arent the cut and dry send-EXE-wait-for-user-to-open. It does account for a lot of them but the underlying problem, and solution, is not restricting access to certain file types, it's removal of the underlying functionality. Restricting access prevents normal use (like saving the file instead of opening) while preventing code execution works.

If you want some separate limited rights sandbox for greeting card type presentation purposes, ok, let that be a default-disabled function a user can enable after it's been fully tested, not against some stereotypical virus but against external code execution.

Again, nobody should be buying newer versions of Outlook, they deserve the version they already had to be patched against this obvious defect. If you volunteer to keep funneling money into companies that don't care about your security except to the extent it helps them sell more product as a marketing feature, go ahead and spend your money any way you want to, but it is rather ludicrous for you to pretend that this subjective choice you make, somehow supercedes someone else's subjective choice not to do it.


RE: Idiots?
By AstroCreep on 1/19/2007 3:00:32 PM , Rating: 3
I work support in a corporate environment (blue-collar service-type of company), and you'd be surprised at the stupid amount of things people do on/with computers; things that would be classified as 'remedial' to a fairly competent computer user. And unfortunately we don't require any of our potential workers to complete a 'computer-competency' type of test before they are hired, nor do we really provide any kind of training (except for apps/systems that are new to the company).
Luckily, our e-mail filters at two-levels before hitting the client, so any 'blocked' file type won't (shouldn't) get through.
We don't block out .doc, .xls, or .zip, however, but being as how the bad-guys have found ways to use them maliciously, users are still at a risk.

"Hey, I opened an e-mail...it said AnnaKournikovaNude.zip, and now my computer won't run Internet..."

Yup, I handled a call like that once. Followed by another e-mail by the same user simply titled 'Uh-oh...'. :(


RE: Idiots?