domomata.com

Just another WordPress weblog

Storm worm e-mail says U.S. attacked Iran

01 Aug 2010

This time Storm is offering form.exe and iran_occupation.exe as executable payloads.

Acording to Dancho Danchev over at ZDNet, the latest iteration of Storm appears to be using the following domains:

A link from one of the Storm worm e-mails leads to this page.

Storm got its name because it first took advantage of a huge winter storm in Northern Europe in early 2007. Since then, it has used a variety of social engineering tricks, including the use of political themes, to get unsuspecting users to open its malicious payload.

statenewsworld . com
morenewsonline . com
dailydotnews . com
dotdailynews . com
newsworldnow . com

(Credit:
Websense)

Recent e-mails stating that the U.S. has already attacked Iran and, in some cases, also offering links to a video purportedly from a soldier, are not to be believed, according to Websense. The security vendor said in an advisory Wednesday that it has linked the provocative e-mails to the Storm worm.

This entry was posted on Sunday, August 1st, 2010 at 12:59 PM and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

« HP to buy LeftHand Networks
Big problems between AT&T and Apple at iPhone 3G l »

Leave a Reply