Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Fourth of July holiday exploited in video spam

Sophos : 04 July, 2008  (Technical Article)
E-mails claiming to direct users to videos of US holiday celebrations contain Storm worm putting users at risk of infecting their computers
IT security and control firm Sophos is warning computer users of a widespread email spam campaign that poses as a video of American Independence Day fireworks, but is really an attempt to lure innocent victims into having their computers hacked. The attack is the latest from the gang behind the Dorf malware, also known as the Storm worm.

Subject lines used in emails sent by the hackers include:.

Amazing Independence Day salute.
America the Beautiful.
Celebrating Fourth of July.
Fabulous Independence Day firework.
God bless America.
Happy Fourth of July.

Samples intercepted by Sophos show that inside each email is a simple phrase such as 'Amazing Independence Day salute' or 'The best firework you've ever seen', followed by a web link. Visiting the IP address takes the unsuspecting user to a malicious webpage, which disguises itself as a video player showing a firework display, with the following message:

'Colourful Independence Day events have already started throughout the country. The largest firework happens on the last weekday before the Fourth of July. Unprecedented sum of money was spent on this fabulous show. If you want to see the best Independence Day firework just click on the video and run it.'

However, clicking on the 'video' prompts the computer to attempt to download a file called 'fireworks.exe' onto Windows PCs, which Sophos proactively intercepts as the Troj/Dorf-BP Trojan horse.

'Everyone loves fireworks, but you're not going to be feeling in the mood for celebrations if this malware infects your Windows PC, turning it into a part of a Botnet for criminals to commit identity theft and launch spam and malware campaigns,' said Graham Cluley, senior technology consultant at Sophos. 'Americans are not the only ones at risk as they open their email this morning - people around the world with US-based friends may be tempted to follow the link and watch the video. Many Americans may be taking the day off today to celebrate their country's independence, and return to work on Monday morning not realising what may be waiting for them in their inbox.'

Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution to defend against malware, spyware, hackers and spam.

'The gang behind the Dorf family of attacks, also known as the Storm worm, has targeted other holidays in the past - Christmas, St Valentine's Day, Halloween.. the list goes on,' continued Cluley. 'The reason that they do this is very simple - it works. People fall for tricks like this all the time. Companies and individuals need to protect themselves with up-to-date anti-virus protection and learn not to be caught out by this kind of simple confidence trick again.'
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo