US-CERT is warning people about a new Storm Worm surge that is taking advantage of people's interest in what is happening in China, with both the recent earthquake and the Olympics foremost on people's minds.
Of all the messages processed recently by CudaMail with the words 'China' or 'Olympics' in the subject line, we were able to block, quarantine or tag this new spam surge, with only a handful of them getting through to our customers. This was while at the same time allowing the legitimate messages through, as some of our customers do a brisk business with partners in China and will not stand for false positives.
The warning from US-CERT is included below so you can see some of the variations of subject lines that are being used, but this is not a complete list, as the Storm Worm continues to change the subject line and links to try and evade the anti-spam measures in place such as CudaMail.
- Shaun
US-CERT Current Activity
New Storm Worm Variant Spreading
Original release date: June 19, 2008 at 11:23 am
Last revised: June 19, 2008 at 11:23 am
US-CERT has received reports of new Storm Worm related activity. The latest activity is centered around messages related to the recent earthquake in China and the upcoming Olympic Games. This Trojan is spread via an unsolicited email message that contains a link to a malicious website. This website contains a video that when opened may run the executable file "beijing.exe" to infect the user's system with malicious code.
Subject lines can change at any time, but the following subject lines are noted as being used:
* The most powerful quake hits China
* Countless victims of earthquake in China
* Death toll in China is growing
* Recent earthquake in china took a heavy toll
* Recent china earthquake kills million
* China is paralyzed by new earthquake
* Death toll in China exceeds 1000000
* A new powerful disaster in China
* A new deadly catastrophe in China
* 2008 Olympic Games are under the threat
* China's most deadly earthquake
US-CERT encourages users and administrators to take the following preventative measures to mitigate the security risks:
* Install anti-virus software, and keep its virus signature files up-to-date.
* Do not follow unsolicited web links received in email messages.
* Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
* Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.
US-CERT reminds users to beware of future phishing attacks that may target natural disasters and the Olympic Games.
Relevant URL(s):
http://www.us-cert.gov/cas/tips/ST04-014.html
http://www.us-cert.gov/reading_room/emailscams_0905.pdf
This entry is available at http://www.us-cert.gov/current/index.html#new_storm_worm_variant_spreads2
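
The advisory notes that subject lines change at any time, and the post above stresses that legitimate China-related mail must still get through. As an added example (not US-CERT's or CudaMail's code), the Python below matches the lure theme instead of exact subjects and combines it with link and sender checks; the verdict policy, the `KNOWN_PARTNERS` allowlist and all sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.header import decode_header, make_header
from email.utils import parseaddr

# Theme words taken from the advisory's subject lines: a subject must name the
# event AND use alarm wording, so reworded variants still match.
EVENT = re.compile(r"\b(china|olympic)", re.I)
ALARM = re.compile(r"\b(earthquake|quake|death toll|victims|disaster|"
                   r"catastrophe|deadly|paralyzed|threat|kills)\b", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)
KNOWN_PARTNERS = {"partner.example.cn"}  # hypothetical allowlist (assumption)

def is_lure(subject):
    subject = " ".join(subject.split())  # undo header folding / odd spacing
    return bool(EVENT.search(subject) and ALARM.search(subject))

def body_text(msg):
    chunks = []
    for part in msg.walk():  # covers plain and multipart messages
        if part.get_content_maintype() == "text":
            data = part.get_payload(decode=True) or b""
            chunks.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def classify(raw):
    # Returns 'block', 'quarantine', 'tag' or 'deliver' for one raw message.
    msg = message_from_string(raw)
    subject = str(make_header(decode_header(msg.get("Subject", ""))))
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    urls = URL.findall(body_text(msg))
    if any("beijing.exe" in u.lower() for u in urls):
        return "block"       # link names the executable from the advisory
    if is_lure(subject) and urls and sender not in KNOWN_PARTNERS:
        return "quarantine"  # lure wording plus a link from an unknown sender
    if is_lure(subject):
        return "tag"         # lure wording alone is not enough to hold mail
    return "deliver"

SAMPLES = [  # constructed sample messages, not captured traffic
    "From: news@mail.example.net\nSubject: Death toll in China is growing\n\nVideo: http://video.example.net/watch\n",
    "From: tv@mail.example.net\nSubject: China is paralysed after huge quake\n\nhttp://video.example.net/clip\n",
    "From: ops@partner.example.cn\nSubject: Re: Olympic Games shipping schedule for China orders\n\nhttp://partner.example.cn/schedule\n",
    "From: x@mail.example.net\nSubject: Recent china earthquake kills million\n\nNo link here.\n",
    "From: a@mail.example.org\nSubject: Watch this\n\nhttp://media.example.org/beijing.exe\n",
]
if __name__ == "__main__":
    print([classify(m) for m in SAMPLES])
```

The second sample uses a subject that is not in the advisory's list, and the third is ordinary partner mail that mentions both China and the Olympics.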