SecurityHome.eu WSLabs, Malicious Code: New Storm Tactic: Halloween Deception

Home / mailings PDF

WSLabs, Malicious Code: New Storm Tactic: Halloween Deception
Posted on 31 October 2007
Websense Security Lab
Websense® Security Labs(TM) has confirmed that the Storm worm has once again switched lure tactics. The worm has now adopted a Halloween twist in its attempts to infect users with malicious code. The first copies of the new emails began going out just before 9:00am PST on Tuesday, October 30th. As with previous Storm emails, various subjects and bodies will be used. Here is one example email:

Example Subject: Nothing is funnier this Halloween

Example Body:
Come watch the little skeleton dance.
http://<URL Removed>/

Website screenshot available within full alert.

For additional details and information on how to detect and prevent this type of attack:
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=814

TOP

Mailings :

[gentoo-announce] [ GLSA 202405-09 ] MediaInfo, MediaInfoLib: Multiple Vulnerabilities
[gentoo-announce] [ GLSA 202405-08 ] strongSwan: Multiple Vulnerabilities
[gentoo-announce] [ GLSA 202405-07 ] HTMLDOC: Multiple Vulnerabilities
[gentoo-announce] [ GLSA 202405-06 ] mujs: Multiple Vulnerabilities
[gentoo-announce] [ GLSA 202405-05 ] MPlayer: Multiple Vulnerabilities

Last 20

Exploits :

SOPlanning 1.52.00 Cross Site Scripting
SOPlanning 1.52.00 Cross Site Request Forgery
SOPlanning 1.52.00 SQL Injection
htmlLawed 1.2.5 Remote Command Execution
Online Tours And Travels Management System 1.0 SQL Injection

Last 20