SecurityHome.eu WSLabs, Malicious Code: New Storm Tactic: Halloween Deception

Home / mailings PDF

WSLabs, Malicious Code: New Storm Tactic: Halloween Deception
Posted on 31 October 2007
Websense Security Lab
Websense® Security Labs(TM) has confirmed that the Storm worm has once again switched lure tactics. The worm has now adopted a Halloween twist in its attempts to infect users with malicious code. The first copies of the new emails began going out just before 9:00am PST on Tuesday, October 30th. As with previous Storm emails, various subjects and bodies will be used. Here is one example email:

Example Subject: Nothing is funnier this Halloween

Example Body:
Come watch the little skeleton dance.
http://<URL Removed>/

Website screenshot available within full alert.

For additional details and information on how to detect and prevent this type of attack:
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=814

TOP

Mailings :

[SECURITY] [DSA 5823-1] webkit2gtk security update
[SECURITY] [DSA 5815-2] needrestart regression update
[SECURITY] [DSA 5822-1] simplesamlphp security update
[SECURITY] [DSA 5821-1] thunderbird security update
[SECURITY] [DSA 5820-1] firefox-esr security update

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20