Storm Worm Authors Turn to YouTube Lures
Security Fix has spilled quite a bit of digital ink warning readers about the ever changing tactics of criminals behind the the indefatigable "Storm worm." This week's tactic (or today's as the case may be) involves e-mailed Web links disguised as video clips from YouTube.com
Here's one example that I received yesterday:
The link in the image on the right does not take the clicker to YouTube.com, but to an Internet address of a home computer that the bad guys have compromised and are using to serve up malicious software. If you hover such a link with your computer mouse, it should reveal that the true address is a dotted IP address (e.g. http://72.15.x.x), not a page at YouTube.com.
After a user clicks through to one of the Storm addresses, the machine at that address will attempt to exploit a kitchen sink of known Web browser and other software security vulnerabilities. If the would-be victim is invulnerable to these attacks, he or she will be prompted to simply download and run the malicious code.
The Storm worm is already hugely successful, with estimates of infected machines in the many millions worldwide. This clever tactic, however, is likely to significantly increase the pool of sickened machines.
August 27, 2007; 10:22 AM ET
Categories: Fraud , Latest Warnings , Safety Tips
Save & Share: Previous: Pharmacy Spam Blogs At U.S. Nuclear Safety Lab
Next: Hacking Groceries: Internet Coupon Fraud
Posted by: rjrjj | August 27, 2007 2:50 PM | Report abuse
Posted by: Emilie | August 28, 2007 11:51 AM | Report abuse
Posted by: Backup Bob | August 28, 2007 12:01 PM | Report abuse
Posted by: Keith Warner | August 28, 2007 6:21 PM | Report abuse
Posted by: Rick | August 28, 2007 9:05 PM | Report abuse
Posted by: umm.huh | August 30, 2007 1:04 PM | Report abuse
Posted by: Jim Pivonka | September 1, 2007 12:36 AM | Report abuse
Posted by: windoze_sux | September 6, 2007 6:49 AM | Report abuse
The comments to this entry are closed.