The TRACE (Marshal Threat Research and Content Engineering) team reported the spam e-mails appear to come from a legitimate organization and offer recipients temporary login confirmation details for a Web site. The spam uses text such as "for security purposes, please login and change the temporary Login ID and Password" and includes a link to an IP address that is actually a Web site infected with the Storm Trojan.
"We have noticed overnight a strong up-tick in the volume of confirmation spam from 18 percent of all spam yesterday to 35 percent," said Bradley Anstis, director of product management at United Kingdom-based Marshal, in an interview with eWEEK. "This suggests to us that many people are getting caught by it. This is not surprising since the malicious code itself seems to be morphing every 30 minutes or so, making it very difficult to detect with AV scanners…The Storm Trojan has been in circulation now since early this year and is quickly becoming one of the worst offenders of all time!"
Read the rest of this eWEEK story:
ARTICLE DATE: 08.23.07
留言列表
