Latest Storm Worm - uses fake You-Tube links - Security Protection

Common Tasks

Community

Email Notifications

Personal Links

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Latest Storm Worm - uses fake You-Tube links

Lightning This new version of the Storm worm is designed to appear as legitimate video links to You Tube's site. Please be careful with all email links as the storm worm attacks continue.

Storm of the Day, Now with YouTube
http://isc.sans.org/diary.html?storyid=3321

QUOTE: The latest variation of the Storm worm claims to be a you tube video. The link looks like a link to you tube, but actually points to a "numeric" URL like old storm variants. The downloaded binary is called "video.exe"

Email SAMPLE COPY - (with malicious content removed)

To: Harry
Subject: how did you get that on film, man?
From: (REMOVED)
Date: Sat, 25 Aug 2007 18:18:16 +0530

You can see your face right in the video. its all over the web dude. see for yourself ... (URL REMOVED) ... The link appears to be a valid U-Tube address but is spoofed to directed users to malicious web site)

Posted: Aug 26 2007, 02:33 AM by Harry Waldron | with 4 comment(s)

Comments

Kerry Lingo said:

Rcv'd toda from something like jacobonsjsky@wave.....,com

Email title: Don't send me that stiff Dude.

Text:

I know it is you sending me that email. Check this out:

(URL to youtube)

Never heard of him and not dumb enough to go to site!

careful please and lets work to end this crap

# August 26, 2007 2:26 PM

BiggSexxy said:

Got two over the weekend. Both had lol in the subject along with things like "Dude, you're gonna get caught" and "How did you get that on film?"

# August 27, 2007 8:11 PM

emma said:

just opened my emails on yahoo after been on a weeks holiday abroad to find 40 messages wanting me to luk at videos on youtube people wud have 2 be stupid to open them

# September 8, 2007 8:27 AM

tube » Latest Storm Worm - uses fake You-Tube links said:

Pingback from tube » Latest Storm Worm - uses fake You-Tube links

# October 25, 2007 4:13 PM

Questions? Contact Susan at Susan-at-msmvps.com. Each post's copyright held by the original author. All rights reserved. Blog site is an independent site not sponsored by Microsoft.
Our servers would like to thank www.ownwebnow.com and www.exchangedefender.com. We wouldn't be here without the generosity of Vlad Mazek and his companies.

Powered by Community Server (Commercial Edition), by Telligent Systems

Theme based on the Paperclip Blog Theme included in Community Server.
Enhanced to a Site-Wide Theme by Interscape Technologies.