European storm provides cover for e-mail worm attack
Hackers are using the storm that killed at least46 people in Europe this weekas a "hook for the unsuspecting" to distribute a virus, a Finnish computer security company says.
A "significant attack" was launched through the "storm worm," F-Secure of Helsinki said Friday.
The worm gained entry to users' computers when they opened an attachment, dubbed "Read More.exe," "Full Clip.exe," "Full Story.exe," or "Video.exe."
Inside the computer, the virus created a backdoor entry which the hackers could use later to gain access to the machine.
"What is significant here though is the timely nature of this assault in relation to the European storm. Malware gangs are clearly using every technique and even tragedies like these to gain access to vulnerable machines," Mikko Hypponen, F-Secure's chief research officer, said in a release.
The worm — a computer virus designed to copy itself —started to spread through e-mailson Thursday with the subject line "230 dead as storm batters Europe."
Although the storm is very serious, the toll is only a fraction of that number, much closer to 46.
"The message, which was created and launched literally as the storm raged, is exploiting a timely widescale media event as the key mechanism for delivering its payload," F-Secure said.
The hackers, probably based in Asia, probably intended to create new "zombie" computers, a network of machines controlled remotely bythe programmers, who use them to send spam e-mails or to spread more viruses.
The hackers may also be trying to steal information and start phishing, using fraudulent e-mails to dupe recipients into providing personal and financial information, which can then be used to commit frauds.
F-Secure's lab in Kuala Lumpur discovered the worm early Friday (European time), leading researchers to believe the attack originated in Asia.