New Tactics used by the Zhelatin/Storm WormBest Security Tips offers daily news, information, advices and tips about spyware, adware, viruses, trojans, web vulnerabilities, hackers, other threats    | Register now | Login
   
HOME TIPS NEWS TOOLS DOWNLOADS VIRUS & SPYWARE FORUM BOOKS FREE MAGAZINES & PAPERS
GFI LANguard Network Security Scanner - Dld 30-day trial! del.icio.us  digg  Furl  NewsVine  Spurl  Blinklist  Ma.gnolia  Reddit  Tailrank  YahooMyWeb 
Best Tips
Top 5 Free Online Virus ...
Your Kid Online - A Few ...
Network Auditing and Mon...
Excessive User Rights an...
Poking new holes with Fl...
What Is A Computer Virus...
F-Secure Internet Securi...
How To Setup Nintendo Wi...
Top 5 Privacy Protection...
Windows Vista Fails to H...
Security Scanner
Security Categories
 1. Adware/Spyware
 2. Antivirus
 3. Firewall
 4. Phishing
 5. Linux Security
 6. Windows Security
 7. Security Incidents
 8. Web Security
 9. P2P Security
Advertise With Us!
Latest Viruses / Threats
Troj/Agent-HEJ
2008/7/3 19:55:40
Troj/Bancos-BEE
2008/7/3 19:55:40
Troj/Dloadr-BNO
2008/7/3 19:55:40
Troj/Dwnldr-HEZ
2008/7/3 19:55:40
Troj/Mdrop-BTP
2008/7/3 19:55:40
Downloads
 0.Goodok PSP Video Converter
 1.Easy CD-DA Recorder
 2.Draftability software on CD
 3.Vilnard 3D Waterfall Screensaver
 4.
 5.Calculator of Trader
 6.Power Audio CD Grabber
 7.Wondershare Video to Walkman Converter
 8.Midnight Fire - Animated Screensaver
 9.Dynamania Screensaver
RSS / Atom Feeds
Security Incidents : New Tactics used by the Zhelatin/Storm Worm
Posted by Max on 2007/8/21 15:39:07 (564 reads)
Security Incidents

The Zhelatin/Storm Worm gang have run  their "eCard for you" – themed malware spam fo weeks now and apparenty they are moving towads other measn of deception and worm infection.
The tactics are changing again.

The malicious websites haven't changed; they still spread malicious msdataaccess.exe files. However, the e-mails no longer talk about ecards. Instead, they ask you to install a missing component called Microsoft Data Access.

The latest change in the way they convince you to run the worm infected scripts is by talking about "you" having signed up for different services such as MP3 World or Internet Dating. Or Free Ringotnes .

Here is a sample of such an email :

New Member,

We are glad you joined Free Ringtones.

Account Number: 9355369591
Temp Login ID: user4618
Your Temp. Password ID: os593

For security purposes please login and change the temporary Login ID and Password.
Follow this link, or paste it in your browser: http://70.228.87.0/

Welcome,

Confirmation Dept. Free Ringtones



Other articles
2008/7/3 16:38:16 - Major Security Hole in Citibank ATMs
2008/7/2 8:23:19 - Panda Security Launches Beta of Panda Internet Security 2009
2008/6/30 18:47:39 - Endpoint Productivity Gets A Boost With Anti-Executable 3.0
2008/6/30 18:41:27 - NAMESAFE Sues LifeLock for Attempt to Steal NAMESAFE Corporate Identity
2008/6/26 9:48:12 - Phishing targeting Facebook, companies warned

The comments are owned by the poster. We aren't responsible for their content.



 

HOME | NEWS | SECURITY BLOG | TOOLS | DOWNLOADS | SECURITY BOOKS | TIPS | SITEMAP | TERMS AND CONDITIONS | INTERNET SECURITY SEARCH ENGINE | ADVERTISE ON THIS SITE | CONTACT
Oct '07 | Nov '07 | Dec '07 | Jan '08 | Feb '08 | Mar '08 | Apr '08 | May '08 
Best Security Downloads offers 4000+ free and free to try security downloads