New Storm worm variant targets blogs, forum websites
By Rene Millman,
The Storm worm that managed to cause a global virus outbreak earlier in the year has come back and this time it is targeting users who blog or post to forums.
The new variant is propagating itself via links from blogs and forum posts directing users to a malicious website that downloads code onto a user's machine which compromises the computer and turns it into part of a botnet.
Over the past twenty four hours, the virus has had computers post these malicious links on various websites, according to researchers at IT security company Secure Computing. Researchers warned that users should be on the lookout for links containing the text "Have you seen this?" leading to a website with the words "fun video" in them.
Clicking on the link will show a user a dialogue box asking them if they want to open an executable file. This file installs a rootkit on the user's computer and then attempts to distribute itself to other computers.
The rootkit then monitors the user and when they visit a blog or forum site, it then inserts the text and malicious link into messages and blog comments the user has sent. The worm successfully propagates if other users see and click on these malicious links.
Experts said virus writers are becoming more and more sophisticated with new variations of viruses coming out everyday.
"Given that this worm takes people who click on links in seemingly innocent blogs and bulletin boards to websites with malicious content, businesses should be strongly urged to protect themselves by blocking access to these types of websites to prevent 'lunch time browsers' from inadvertently downloading malicious content onto their PC," said Donal Casey, security consultant, Morse.
Casey said that if access to the most common blog and bulletin board websites can't be blocked for business reasons then organisations need to use technology that can assess if a website contains malicious content and either remove the content before the page is displayed or block access to the entire website if it is detected.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
What is your password worth?
Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.
- Macs under attack?
- Intel: security inside
- Are you spending too much on IT security?
- Does the government want to snoop on your data?
- Eurocrats versus the cyber criminals
- The truth about spam
- Google and privacy: What’s the problem?
- Q&A: Symantec’s CISO on the source code hack
- RSA: Back from the breach?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Apple iPad 3 vs iPad 2 head-to-head review
- Hutchison denies it will pull plug on Three UK
- EMC World 2012: Tucci declares Documentum is here to stay
- ICO: Fines for cookie law breakers
- EMC World 2012: EMC talks up cloud, security and big data
- Dell PowerEdge R820 review
- Sony Vaio T13 Ultrabook review: First look
- BlackBerry 7 OS certified to carry 'Restricted' UK government information
- Facebook floatation marred by Nasdaq glitch
- CIO: Career is over?
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
