The Storm Worm is Back and He’s Bad

Looks like we get another round of the Storm Worm, and it looks like it could be the biggest virus attack in over 2 years, according to security company Postini. They say this is the most sustained attack they have ever seen, and it has been going on for 9 to 10 days.

Swidler said in an interview with InformationWeek that the attack started a little more than a week ago, and Postini since then has recorded 200 million spam e-mails luring users to malicious Web sites. Before this attack, an average day sees about 1 million virus-laden e-mails, according to Postini. Last Thursday, however, the company tracked 42 million Storm-related messages in that day alone. As of Tuesday afternoon, Postini researchers were predicting they would see that day between 4 million and 6 million virus e-mails — 99% of them associated with the Storm worm.

While the number of spam e-mails has dropped significantly, it’s still far above normal levels, so Swidler isn’t ready to say the attack is over.

The viruses are not embedded in the e-mails or in attachments. The e-mails, many of them otherwise empty, contain a link to a compromised Web site where machines are infected with a generic downloader. This helps pull the computers into the malware authors’ growing botnet, while also leaving them open for further infection at a later date. Source: Storm Worm Erupts Into Worst Virus Attack In 2 Years

This is all about refilling their botnets full of willing computers so they can get back to the bigger fish, making money off of users. They are also sending out e-card spams, and we are at the level now that we were at back in December, one of the biggest months for that kind of spam because of the Christmas holiday. They assumed it would spike for Independence Day, but it has continued until now and shows no signs of letting up. Don’t click on any links in strange emails, and if you get e-cards from someone you know, I would email them first to see if they really sent it or not.