European storms hide 'storm virus' attack

Alex Zaharov-Reutt
Friday, 19 January 2007 20:10

Business IT - Security

Virus writers are getting savvier every day. This time they're sending out emails claiming to have details on '230 dead as storm batters Europe', with a virus that gives hackers backdoor control to your computer.

The virus, called Smash.DAM, is a variant of one that has been on the Internet for several days now, but this new variant starting landing in people's email inboxes as the storms raged outside, aiming to take advantage of people's natural curiosity and desire to know more.

News reports claim that the storms have killed at least 28 people so far, making the 230 people dead claim seemingly worthy of further investigation. Inside, the attachment comes with a range of different names, from 'Read More.exe' to 'Full Story.exe'. This makes it a classic case of 'social engineering' to trick people into opening an attachment.

Variations of the email include subject lines such as 'US Secretary of State Condoleezza...' and 'British Muslims Genocide', with attachments called 'Video.exe' or 'Full Clip.exe'.

Users of many modern email programs, such as Outlook 2003 or 2007, will find that .exe attachments are automatically blocked from being opened, with a warning describing the attachment as potentially dangerous, however users of older email programs or operating systems may not be protected, especially if their anti-virus software is out-of-date or not yet updated with the latest anti-virus definitions.

Once clicked, the attachment loads a trojan horse 'backdoor' onto your computer, allowing hackers to scan it for important private data, such as credit card details and email addresses, items that are easily sold on the hacker black market for hard cash. The affected computer systems will usually then be made part of a 'botnet', or a compromised collection of computers that can be used to send spam en-masse, perform denial or service attacks and a host of other illegal activities, all without the knowledge of the affected consumer.

The lesson here is to NEVER open an attachment in an email you were not expecting, and even if the unexpected attachment is from someone you know, you should treat it with suspicion. The social engineering tactics are designed to catch you with your guard down, so it's important to be extra vigilant with emails.

Other advice is to run the latest 2007 edition of your favorite Internet security software, and to regular scan your PC for spyware and other malware with programs such as Windows Defender (http://www.microsoft.com/antispyware), SpyBot (http://www.safer-networking.org) and Lavasoft Adaware (http://www.lavasoftusa.com). Another useful free software package to protect against phishing attacks and rootkits is TrustDefender (http://www.trustdefender.com).

Remember… if in any doubt at all, don’t even click on the email to open it. Just leave it be, and make sure your anti-virus software is definitely 100% up-to-date before even trying to delete it. Don’t become a victim of social engineering hacker scams!