Two new variations of the Storm Worm virus on Thursday likely marked the largest proliferation of e-mail-based virus attacks in more than a year, according to security company Postini.
Over the last 24 hours, Postini has seen about 5 million virus e-mails. “We’re seeing 50 to 60 times the average daily volume of spam,” Adam Swidler, senior manager of solutions marketing at Postini, told TechNewsWorld.
The result of this latest assault has been an increase in attacks at many times their usual levels, according to the San Carlos, Calif.-based outfit.
This latest outbreak is significantly larger then the January’s Storm Worm attack, and could possibly “break the record of the Sober Virus in November of 2004,” Swidler noted.
Although some of the virus-laden e-mails come with the word “love” in their subject lines, they actually include an executable file attachment that can launch the Trojan Horse virus, according to Postini researchers.
In addition, the attacks can appear on some systems with “Worm Alert!” in subject lines — in reality, the messages contain a compressed file loaded with malicious code.
“It somewhat ironically warns of an attack and then launches one,” said Swidler. “These are very sophisticated attacks.”
Rootkits and More
The Storm worm can install a rootkit on an infected PC in order to cloak itself, steal confidential information and then add the PC to a “bot army” of compromised computers that are connected to a custom peer-to-peer network used by the worm’s creators, according to Postini researchers.
From there, hackers can issue commands to the compromised PC.
The sophisticated worms also unleashes a series of malware attack methods, which includes hiding itself from antivirus scans.
To the user of an infected PC, “it appears as if nothing has happened,” said Swidler.
The best solution to avoid serious trouble, said Swidler, is to delete any e-mails with subject lines that refer to the worms or the word love.
“Definitely don’t click the attachments,” he added.