Quantcast
PC World: Technology Advice You Can Trust
Search
Browse by Topic
Subscribe to magazine

Magazine

Subscribe & Get
a Bonus CD

Customer Service

Find a Review
Dads & Grads Gift Guide Audio & Video Business Center Cameras Cell Phones & PDAs Communications Components & Upgrading Desktop PCs DVD & Hard Drives Gaming Hardware & Software HDTV Laptops Macs & iPods Monitors Printers Spyware & Security The PCW Test Center Windows Vista & XP
Resource Centers
Asus Notebook Center
CDW Solution Center
HP Ink Center
Intel Technology Center
Lenovo Laptop Showcase
White Paper Library
Webcast Library
Most Popular Search Terms
Most Popular Products
Most Popular Downloads
Free Newsletters
Receive the latest reviews, how-to's, news, and more.
Weekly Brief
Daily Downloads
Daily Technology News
Go
WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
RSS Feeds
Get our latest content via convenient RSS feeds.
Latest News
Today @ PC World
Become a PCW Member
Join the community and start enjoying the benefits:
  • Get tech advice from thousands of PC World Members
  • Rate and recommend the latest tech products
  • Share your thoughts in blog and article comments
  • Get free excerpts and exclusive discounts on Super Guides
Signing up is free and easy.
Read More About: Trojan Horses

Storm Botnet Spreading Malware Through GeoCities

Gregg Keizer, Computerworld

Friday, November 16, 2007 5:00 PM PST
Recommend this story?
Yes
No

Storm, the botnet-building Trojan horse, has come up with another twist to dupe users into infecting their PCs with malware, a security researcher said today.

Longtime clients of the Russian Business Network (RBN), a notorious hacker- and malware-hosting network that mysteriously vanished last week after shifting operations from St. Petersburg, Russia, to Shanghai are involved in the attack, said Paul Ferguson, network architect at Trend Micro Inc.

Yesterday, Trend watched as existing bots controlled by Storm were seeded with new spam templates that included links to sites on GeoCities, the free Web hosting service owned by Yahoo Inc. Today, Storm kicked off the new attacks. "This has developed into a full-fledged attack vector," Ferguson said.

The GeoCities sites are infected with malicious JavaScript code that redirects the user's browser to secondary URLs hosted in Turkey, Ferguson said. The Turkish URLs, meanwhile, try to persuade the user to download a new codec that's supposedly necessary to view images on the GeoCities sites. According to Trend Micro's analysis, the bogus codec -- which claims to be for the 360-degree IPIX format -- is actually an identity- and information-stealing piece of malware.

Fake codecs have become the latest choice of hackers, with several notable attacks recently relying on users' naivete about what a codec is, why it might be necessary and why they can be untrustworthy. The attacks last week that originated at hacked MySpace pages -- including R&B singer Alicia Keys' -- touted phony codecs, for example.

That Storm has turned to hyping codecs tells Ferguson that the botnet's controllers are nimble and flexible in their approach to social engineering. "They're intertwining codecs with other types of social engineering," he said.

By his reckoning, Storm has become much more than just a name for a malware family. "It's actually a covert channel of distribution for these [bad] guys," he said. "It's a communication network, a way for them to communicate information they want to seed," whether a round of spam touting penny stocks or a new piece of malware. "And it's a way for them to get what they've collected" from the now-compromised computers, he added. "It's a covert network."

Ferguson also said that there was evidence that known RBN customers were responsible for this newest use of Storm's botnet. "Some of the same RBN operators are involved," Ferguson said. "It's some of the same crew."


Computerworld
For more enterprise computing news, visit Computerworld. Story copyright © 2007 Computerworld Inc. All rights reserved.


Recommend this story?
Yes
No
Related Searches: trojan horse pc security pc infection storm worm geocities

Comments
Related Content
Tags at a Glance
HP Ink Center
Bring improved color and brilliance to your printed material. Visit the Resource Center for more info...
CDW Solution Center
Deliver speed and scalability in your storage systems. Find out how at the CDW Solution Center.
Asus Notebook Center
Ultra-fashionable thin and light notebooks with SmartLogon Face Recognition. Find out more at the Asus Resource Center.
Intel Processor Technology
Which Intel Processor is Right for You?
Which Intel Processor is Right for You?Centrino, Core 2 Duo, Core 2 Quad, Core 2 Extreme? Check out the Intel Technology Center for more info...
Are you a gamer?
Are you a gamer?Visit the Intel's Gaming section for the latest downloads, hottest gaming events and to learn about Intel & Gaming.
See what Intel can do for Vista...
See what Intel can do for Vista...Discover how Windows Vista technology work in the benchmarks with Intel Centrino processor technology.
VoIP Web Demo
Join Altigen for a Live Web Demo and learn how VoIP technology can improve your business communications.
The Future Sales Force - A Consultative Approach
This white paper discusses the challenges of selling complex products and services, and the new skill sets sales professionals must employ.
Latest News
EDS Buy Could Give HP Edge Over Dell, Analysts Say
Hewlett-Packard's acquisition of Electronic Data Systems won't hurt Dell in the next few years, but it could affect Dell's... 16-May-2008
Microsoft Pulls Windows Home Server Backup Feature
Microsoft confirms that it has yanked parts of a backup feature from a major upgrade to its Windows Home Server. 16-May-2008
HP Confirms XP SP3 Endless Reboot Snafu, Promises Patch
HP confirms that some users of its AMD-based desktops have had problems after installing Windows XP Service Pack 3. 16-May-2008
Say Goodbye to Muni-Fi
The days of imagining Wi-Fi blanketing a city are over with the exit of the last major municipally focused Wi-Fi service provider. 16-May-2008
Microsoft: Don't Misunderstand UAC, Other Vista Features
In its continued attempt to convince business customers to adopt Vista, Microsoft has outlined and tried to explain some of... 16-May-2008
Sony Reveals 2008-2009 PlayStation Software List
Sony Friday revealed a list of 15 upcoming games for the PlayStation 3, PS2 and PSP. 16-May-2008
HP-EDS Buy, Icahn Strikes Again, China Quakes
This was a big IT news week, with the massive earthquake in China on Monday showing once again the role that the Internet... 16-May-2008
Universal Battery Charger Debuts for Apple Laptops
FastMac on Friday announced its new U-Charge. It's a universal battery charger for Apple laptops and it costs US$69.95; it... 16-May-2008
Optimizing Windows on Your Mac
The June 2008 issue of Macworld includes a feature article on running Windows on your Mac--and how to do it in the most... 16-May-2008
TapDex 3.3.2
Apple's Address Book utility is a handy place to store information for your contacts, especially since it integrates so well... 16-May-2008

PC World's Marketplace

PC World's Free Whitepapers

Name City
Address 1 State Zip
Address 2 E-mail (optional)