Feeds

Trick or trojan - watch out for Halloween malware

Don't download the dancing skeleton

Reducing security risks from open source software

Surfers are warned to be wary this Halloween of malicious spam messages playing on Wednesday's horror-themed holiday.

A run of Halloween-themed spam invites would-be marks to visit a site and download a "dancing skeleton", a malicious package that falsely claims to create a novelty dancing skeleton on users' desktops.

In reality, the site (safe screen grab from F-secure here) is loaded with exploits designed to download a new variant of the Storm Worm (Trojan) onto vulnerable Windows PCs. Infected PCs become members of the zombie botnets of compromised PCs under the control of hackers.

The malicious messages arrive with subject lines such as "Halloween Fun", "You'll laugh your but (sic) off" and "The most amazing dancing skeleton".

The Storm Worm malware strain first surfaced in January, in emails attempting to trick users into visiting maliciously-constructed websites under the guise of messages offering recipients information about the storms ravaging Europe at the time.

Over recent months crackers have refined their tactics. Emails punting the malware now contain fake links to YouTube, for example. Hackers have also attempted to trick users into visiting maliciously-constructed websites via login confirmation spam or bogus electronic greeting card receipts.

The attack methodology - tricking users into maliciously constructed websites that attempt to load botnet clients onto vulnerable PCs - has remained much the same.

Access to compromised PCs is sold in underground forums. Zombie clients are used for activities including launching denial of service attacks and distributing spam. Net security firm Marshall estimates that the Storm botnet is the source of up to 20 per cent of all current spam.

Hackers often take advantage of holidays and items of topical interest to flavour their attacks. The Storm Worm gang are not the only group to take advantage of Halloween for questionable purposes. A spam email campaign identified by net security firm Sophos earlier this month attempted to coax recipients into handing over personal information on the dubious promise of a $250 gift card.

General security precautions apply in the case of these particular, or similar future, attacks. Consumers are advised to resist the temptation to open suspicious-looking emails from people they don't know. Running properly maintained security software and keeping PCs up-to-date with patches are also important precautions. ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.