Storm Worm: With Love

In the last 8 hours we have seen a lot of new variants of the storm worm in our database. After further research we see that there is a new spam run going out gearing up for valentine's day. Its nearly a month away, so the timing might be a bit off, but that certainly is not stopping people from being infected.

In the last 8 Hours we have seen 86 different variants of the same server side repacked file. Of course this method is very interesting as it makes detection rather interesting. We've also seen quite a few of these files being submitted to Virustotal.

Here is a screenshot of the same repacked file over a short timeframe in our DB.

And here is the site that users get pointed to for the download.

We'll keep you updated on this outbreak.

Leave a reply