Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
 
Latest Comments
"Agree that wireless hotspots are an easy way for hackers to gather information from connected ..."
on New devices make hotspots a hacker's paradise
by Patrick Hooper | Jul 3, 2009 4:06 AM
 
"Katarzyna what has this got to do with Symantec?? "
on Mobile phone directory service faces consumer uproar
by PaulC | Jul 2, 2009 12:55 PM
 
"Hi Nadim, I'm the chief marketing officer at Ounce Labs, and I disagree with your statement. ..."
on Ounce Labs 5.0
by Jennifer Sullivan | Jun 30, 2009 11:56 PM
 
"noobs!"
on Australia shows poor resistance to phishing
by webappsec | Jun 30, 2009 4:53 PM
 
"Jude makes a good point: by increasing the amount of false information provided to phishers, it ..."
on Commonwealth Bank phishing scam alert
by webappsec | Jun 30, 2009 4:43 PM
Email Security

Mass-spammed Valentine's Day worm attack underway

  • Email a Friend
  • Print Page
Mass-spammed Valentine's Day worm attack underway
Related Articles
By Fiona Raisbeck
Feb 15, 2007 6:31 AM
Tags: Mass-spammed | Valentine's | Day | worm | attack | underway
A virus posing as a Valentine's Day message has been spammed to email recipients in a global campaign.
The Dref-AB worm attaches itself to emails with subject lines including "Be My Valentine" and "Happy Valentines Day," in an attempt to entice users into clicking on a malicious attachment, which activates the virus.

The worm is designed to download further malicious code onto the user’s computer, allowing hackers to take control of the machine and create a botnet, according to researchers.

Researchers warned earlier this week that attackers would try to take advantage of Valentine's Day by using social engineering techniques to get PC users to download malware.

The worm is attached to the email in executable files, including flash postcard.exe and greeting card.exe, and has accounted for more than three-quarters of all malware detected by anti-virus vendor Sophos since Tuesday evening.

"This new attack is spreading hard and fast across the net. Cynical hackers are using the theme of Valentine’s Day to conquer innocent people’s computers and use them for their own money-making purposes," said Graham Cluley, senior technology consultant at Sophos.

"No one should be blinded by the excitement of today into opening unsolicited attachments or clicking on links to unknown websites, as you could be falling deep into a hacker’s trap."

Meanwhile, researchers at F-Secure spotted trojans in Valentine’s Day greetings posing as the Macromedia Flash Player. The Finnish anti-virus vendor has identified the two trojans as Valenavir.A and Bzub.HZ.

Randy Abrams, director of technical education at ESET, said this week that the "mushy emails" sent around Valentine’s Day are an easy lure for naïve email users. A quick reply message to the sender can clear up confusion, he said.

"Does this mean you can never trust an attachment? No, what this means is that generally it is a very good idea to ask the sender if they meant to send you an attachment before you open it.

You can pick up the phone, send a text message or email the sender, but verify the source before you open it," he said. "If you don’t verify the source, you must be very certain that the attachment was deliberately sent by the person you believe sent it."

Click here to email Online Editor Frank Washkuch Jr.

 
Ads by Google
Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Exclusive Data Centre - Sponsored Content by Microsoft
 
Messaging Whitepapers
 
Popular Tags
attack compromised engineering fabricant gumblar injection javescript jsredirr major malware mass member siemens topics trojan twitter vaserv website websites worm