Storm worm targets Barclays, Halifax customers
By Miya Knights,
The 'Storm' botnet is at the core of new phishing activity specifically targeting Barclays and Halifax customers, a security research firm has identified.
The Fortinet threat response team this week discovered these targeted attempts to get users to divulge sensitive account details that exploit the worm, also known as Trojan.Peacomm, in the latest evolution of its use, which breaks away from the trend of using it to send out spam on a massive scale.
This evolution of Storm as a peer-to-peer (P2P) network botnet, using a coordinated collective of infected computers estimated to range in number from thousands to millions of PCs, to target vulnerable users of online banking services with a security check scam has never been seen before, Guillaume Lovet head of Fortinet's threat response team told IT PRO.
"This worm has never been involved in phishing before," he said. "It sends out emails randomly in the hope that some users will be customers of these banks."
The Barclays message, first posted in a Fortinet advisory Monday, reads: "We are undertaking a period review of our member accounts," and prompts users to click on a link designed to get them to enter sensitive personal information like bank details.
A Barclays spokesman told IT PRO: "We are aware of continued phishing attacks and always recommend that customers do not 'ever' give away security details in this way."
Then yesterday Fortinet discovered customers of Halifax had also been targets. This time, the email pretended to alert the user to a security breach in order to trick them into handing over information in the same security check scam.
At the time of writing, Halifax, a division of Bank of Scotland and part of the HBOS Group, had not responded to a request comment on the reports.
Fortinet also pointed out that, while this type of activity is a first in terms of its use of the Storm botnet, the social engineering hook of false security checks in these phishing emails was identified several years ago - indicating that it has most likely been dug up from an old phishing kit.
Lovet also said this suggested parts of the botnet created by the Storm worm are now being sold off to different criminal groups with varying cybercrime tactics.
First spotted a year ago, peacomm was the first malware to use peer-to-peer networking (P2P) or mesh topologies to target unsuspecting Microsoft Windows computers across the internet.
advertisement
Latest Security Features
The continued curse of cybersquatting
For some, it’s a problem confined to the early days of the Internet. But current figures suggest that the cybersquatting problem is, if anything, growing.
- Where next for Microsoft, Yahoo and Google?
- Top 10 mobile features of 2009
- Top 10 security predictions for 2009
- Top 10 reviews of 2008
- The year in IT news
- Top 10 security stories of 2008
- Top 10 business phones of 2008
- 15 tech charities that need your help
- PCI's Bob Russo: Data loss hurts brand more than a fine
Latest Security Reviews
Fujitsu Siemens FibreCAT SX80 iSCSI
Rating: 
advertisement
Latest News Videos in Security
Video: Mobile security threats and Mac complacency
PlayPart two: Eugene Kaspersky, chief executive and founder of Kaspersky Lab, talks about the increasing security threats mobile users are facing.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?