News - Storm Worm Storms Back

2008-10-09 17:29:40

 Storm worm downloads have been flying around the Internet in a new form designed to elude antivirus detection. 

Arbor Networks researcher Jose Nazario blogged about observing the escalated activity, and how the criminals behind the worm have shifted tactics to foil detection. 

"There was some confusion throughout the day because these new payloads and tactics were being used, AV wasn't catching it, and vendors have a dozen names for this threat," he wrote. "That said, once we started to analyze it, sure enough it was the Storm Worm, our old friend." 

A sample Storm worm spam message using the newer tactics tries to entice the recipient to open the ZIP archive, which purports to unpack a 'patch' that fixes a problem on the user's machine. Opening it instead installs the rootkit, which then downloads additional malware.

Antivirus companies should be catching up with their signature files and stopping the latest threat. Nazario said Arbor has been sharing information about this incarnation of the Storm worm with other security companies. 
