Home / mailingsPDF  

WSLabs, Malicious Website / Malicious Code: New Storm tactic: Kitty Greeting Card

Posted on 12 October 2007
Websense Security Lab

Websense® Security Labs(TM) has received several reports of a new Web site that is being distributed in spam sent out by those running the Storm attacks. For more details on the Storm attack, see (http://www.websense.com/securitylabs/blog/blog.php?BlogID=141).


This site poses as a free Ecard Web site. No exploit is on the site itself. However, when users click any of the URLs, they are prompted to download and run a file called "SuperLaugh.exe." This file contains the Storm payload code.


Sample email text:

View your Kitty Card now! (URL REMOVED)


For additional details and information on how to detect and prevent this type of attack:
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=807

 

TOP