
Wed Jan 16, 2008 7:00am EST
Storm's Premature Invitation: PC Tools Issues Early Warning of Valentine's Day Storm Worm

SAN FRANCISCO--(Business Wire)--PC Tools has identified a storm worm that is taking advantage of
Valentine's Day, delivering "withlove.exe" and other Valentine's Day
themed executable names as attachments for email messages with
subjects such as "I would dream" and "Memories of you."

   PC Tools warns consumers that the worm delivers rootkits and
maintains control of a system via peer-to-peer communications (p2p),
potentially making compromised systems a tool in identity theft and
financial loss.

   The storm worm delivers an email with an affectionate statement,
inviting the user to visit a hyperlink containing an IP address. The
destination website will attempt to exploit the visitor's system, and
if it can't, the page provides a download link for the executable.

   PC Tools' Chief Threat Officer, Kurt Baumgartner, said that the
2008 campaign resembles the 2007 Valentine's Day storm campaign that
pushed romantic subject lines such as "Sending you my love" and
"You're the One," but with a Mexican twist for its dropped components.

   "Interestingly, we witnessed a variant of the worm dropping files
like 'burito.ini' and 'burito5e84-1216.sys' before killing anti-virus
products and adding the victim's computer to its botnet," said
Baumgartner. "The ini file maintains a list of p2p peer information
for maintaining communication throughout the botnet, while the sys
file is a driver that injects code deep into the operating system."

   NOTE TO EDITORS

   Simon Clausen, Chief Executive Officer and Kurt Baumgartner, Chief
Threat Officer, are available for interviews. Kurt Baumgartner
recently presented on unique KeInsertQueueApc rootkit behaviors that
stealthily fuel the storm worm at the recent Virus Bulletin Conference
in September 2007. Further information about the Valentine's Day storm
worm can be found at
http://www.threatexpert.com/report.aspx?md5=ad3bde6bfeb43a92eb29c44f46bfcb5c
and
http://www.threatexpert.com/report.aspx?md5=34f1ff4434ef65c225df372d62f819b0.

   ABOUT PC TOOLS

   PC Tools is a global software leader with a cache of security and
utility products, including the multi award-winning Spyware Doctor(R).
PC Tools is an industry leader in real-time anti-spyware and has a
number of key patents pending.

   The PC Tools Malware Research Centre monitors trends and emerging
spyware issues and provides security solutions for the consumer and
enterprise marketplace. The company is headquartered in Sydney, with
offices in San Francisco, London, Shannon (Ireland), Melbourne, Kiev,
and Boulder. PC Tools has a global network of distributors, resellers,
and retailers.

Monument PR Worldwide
Sayo Ogundiran, 415-547-1817
650-209-5109 (alternate phone)
sayoo@monumentpr.com

Copyright Business Wire 2008


