Posted on 04/13/2007 10:31:55 AM PDT by holymoly
Thursday likely marked the largest proliferation of e-mail virus attacks in more than a year, according to security company Postini.
Postini said that two variations of the Storm Worm virus, which originally spread across the Internet in January, have quickly driven global virus levels 60 times higher than their daily average. E-mail users should be on alert for messages with "love"-related subject lines and an executable attachment that would contain a Trojan virus, as well as messages with "Worm Alert!" subject lines that contained a .zip file full of malicious code.
Postini, which is based in San Carlos, Calif., says it processes more than 2 billion messages per day in order to compile its reports.
According to warning notices from Postini as well as VeriSign, which also has been following the threat, clicking on the executable file in one of the new Storm Worm e-mails installs a rootkit with anti-security measures that mask the malicious software's presence from virus scans and shut down security programs that may be running. The virus then taps into a private peer-to-peer network where it can download new updates and upload personal information from the compromised computer. Additionally, the virus scans the machine's hard drive to locate e-mail addresses to which it can replicate itself.
Ultimately, computers infected with this virus become unknowing "zombies" in a botnet that are used to send out spam and further the attacks. "It is highly likely that this latest attack will result in many more downloads, pump-and-dump attacks, and more as seen with former Storm Worm attacks to date," Ken Dunham, director of VeriSign's Rapid Response Team, said in a statement Thursday.
The recent Storm Worm proliferation, coupled with a similar attack earlier this week that involved e-mails with "missile attacks" in the subject line, has made this the most active week for e-mail virus attacks in at least a year, according to Postini.
This is easily avoided. Do not open attachments received in unsolicited emails.
For those who desire security software that doesn't take a bite out of their wallet:
PC security-related links. All software listed is freeware or open source. Last Update: 12/24/2006
Anti-Virus: AntiVir® Personal Edition Windows 98/98SE/ME, 2000/XP. Avast Home Edition Windows 95/98/98SE/ME, 2000/XP. AVG Anti-Virus Windows 98/98SE/ME, 2000/XP. BitDefender Free Edition Windows 98/98SE/ME, 2000/XP. On-demand anti-virus program. ClamWin Windows 98/98SE/ME, 2000/XP. On-demand virus scanner. Detects, doesn't clean. Dr. Web CureIT! Windows 95/98/98SE/ME, 2000/XP. On-demand, anti-malware (anti-virus/spyware). Detects and cleans. No installation required. McAfee Stinger On-demand anti-virus/trojan. No installation required. Fits on a 3.5" floppy.
Alternatives to MSIE, Outlook & Outlook Express: Mozilla.org Firefox browser, Thunderbird E-mail client, Mozilla Suite (1.7.13 is the final release). Opera Supports tabbed browsing, etc. Easier on resources than Firefox, Mozilla/Seamonkey. Unlike Mozilla, Opera currently has no plans to drop support for Windows 9x/ME. Off By One The world's smallest and fastest web browser. No installation required. Popcorn E-Mail Small, no-frills e-mail client. Seamonkey The successor to the Mozilla Suite. Web-browser, e-mail/usenet client, IRC client, HTML editing, all in one application. Xnews Usenet client.
Anti-Adware/Spyware: Ad-Aware SE Windows 98/98SE/ME, 2000/XP. On-demand scanner (Select "Ad-Aware Personal"). SpywareBlaster Windows 95/98/98SE/ME, 2000/XP. Prevent the installation of spyware and other potentially unwanted software! SpywareGuard Windows 98/98SE/ME, 2000/XP. Full/real-time protection against spyware/malware. Spybot - Search and Destroy Windows 98/98SE/ME, 2000/XP. Offers on-demand scanning and full/real-time protection. Spyware Terminator Windows 98/ME, 2000/XP. Real-time protection. Remove spyware, adware, trojans, keyloggers, home page hijackers and other malware threats.
Firewall: Kerio Personal Firewall 2.1.5 Windows 98/98SE/ME, 2000/XP. (Last freeware version) Tiny Personal Firewall 2.0.15A Windows 95/98/98SE/ME, 2000/XP. Tiny Personal Firewall 2.0.9 Windows 98/98SE/ME, 2000/XP. (Last freeware version) ZoneAlarm Free Download Note: Zonealarm is dropping support for Win9x/ME. Zonealarm at Oldversion.com For those who need a version compatible with Windows 9x/ME.
Technical Help: CastleCops Security Forums Cyber Tech Help Support Forum SpywareWarrior.com Forum VirtualDr Forums How To Ask Questions The Smart Way This guide will teach you how to ask questions in a way that is likely to get you a satisfactory answer.
How-to and Tutorial: PCWorld: How to Install a Firewall Using Ad-Aware SE Using Spybot - Search and Destroy
Useful sites, etc.: Firewall Test, Security Test and Security Scan Leak Test
Miscellaneous: MVPS HOSTS File Don't surf the Net without it! Ping Plotter Internet diagnostic tool. Proxomitron Windows 95/98/98SE/ME, 2000/XP. A free, highly flexible, user-configurable, small, but very powerful, local HTTP web-filtering proxy. WinPatrol A robust SECURITY MONITOR. WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission.
Zeroday Emergency Response Team (ZERT) "The nonprofit Zeroday Emergency Response Team is offering VML security patches for out-of-support Windows OS versions. The volunteer group, which is made up of well-respected security professionals, has released updates for Windows 98, Windows 98 SE, Windows ME, Windows 2000 and Windows 2000 SP3." (eWeek)
bump
.
Thanks for the heads-up, holymoly. BTTT
:’)
Hey, good stuff!
I guess we have to watch out for Global Worming now.
Is this Global Worming?
dang, you got me by 34 seconds!
bump
Gotta be fast around this place.
I informed them they should learn to spell Microsoft and that might help them with their scam.
I had thought they spelled it wrong on purpose to somehow avoid Microsoft Lawyers or something, but it was spelled correctly at the end of the email. They even had an MSN banner on top of the email.
My sister, who is completely ignorant of the internet, just sent me the same thing. I sent her back the above.
What I worry about is that she just bought a home computer and hooked up to Cox Cable for her internet service. I was trying to help her from afar as she couldn't figure out how to access stuff online. It turns out Cox was hit with a phishing memo that asked for personal information from cable customers. I saw that and told her about it. If she had seen it first, she would have dutifully filled out all the information, including her SS#, and sent it back to them. In this case ignorance is not bliss.
BUMP!
Shouldn't be that tough to trace where the updates are coming from, and where the personal information is being uploaded to.
I'll try to remember to watch out for those now that I've been warned! lol
She has an iMac now and Cox has sold out to a group of hog farmers from Nebraska calling themselves Suddenlink. I talked to a local IT supervisor yesterday and told him to tell management that if service didn't improve I would start letters to the editors of our two papers and I would call in to a local talk show.