bit-tech.net

Storm Botnet sends spoofed YouTube spam

Storm Botnet sends spoofed YouTube spam

Hey, aren't you the person in the background of that pit bull fight? You better check out this YouTube video, Michael Vick.

During the past weekend, Internet users across the globe opened a spam email thinking that they had been caught in a video which was then uploaded to YouTube. Unfortunately for them, the links contained in the emails directed to a website that proceeded to download malware in an attempt to turn their computer into a remote controlled Zombie.

Subjects such as "this i (sic) not good. If this video gets to her husband your both dead. see for yourself" and "You can see your face right in the video. its all over the web dude. take a look, lol" created enough of a stir to get users to open the emails. A link to the supposed video was included then ended up leading to the malicious website.

"Given the popularity of YouTube videos," said Dmitri Alperovitch, principal research scientist at Secure Computing, "this latest tactic has an even greater chance of duping more people into clicking on the Storm's infectious links and continuing to enlarge the number of machines that the Russian botmasters, who are behind Storm, have under their control."

The group behind all of this? Storm Botnet.

Storm Botnet has been sending out the storm worm for several months and has even begun to get their zombie computers to attack computers that are trying to eradicate it. The storm worm that the group has included in most of its recent activities was first discovered back in January of this year.

HTML spam is becoming increasingly popular among malware writers and this latest round of spam emails just helps to prove that. The links appeared to be valid links to the YouTube website but when the link was hovered over (as I'm sure the vast majority of you do), it actually pointed to a numeric IP address of another server.

With how intertwined the Internet is with our lives, maybe ISPs should provide documentation to all of their users on how to avoid simple spoofing such as these. What do you think? Discuss it over in the forums or in the comment section below.

11 Comments

Discuss in the forums Reply
Darkangel 29th August 2007, 16:04 Quote
*puts hand up*
Yeh ive got 4 or 5 of these. First time it nearly had me... untill i put the cursor over it and saw it wasnt the right link (like you do).
I'd like to think the rest of the online world would check the links sent in emails from people they dont recognise the email address of - but alas obviously not.
DarkLord7854 29th August 2007, 16:15 Quote
If people are that stupid/naive to open/click unknown links.. maybe they do deserve what they're getting.
Bogie 29th August 2007, 16:37 Quote
Sounds like bad trouble. What malware were they trying to install? Irc bot?
Delphium 29th August 2007, 16:46 Quote
I think it would be a great idea for ISP's to have some form of documentation which illustrates how to avoid spoofing, this would become of use to my gran who for the first time in her life is taking an interest into computers and the internet, having never even used a PC before, some form of documentation from the ISP, might increase the time between which I have to pop round to go fix everything, even if I have removed IE and replaced it with firefox, and installed antivirus and adaware, and set her account to non admin.
There are only so many steps one can take to prevent such nasties, documentation I feel would help that inexperienced user.
phuzz 29th August 2007, 17:04 Quote
it's less
Quote:
A hacker group named "Storm Botnet"
more a botnet created by the Storm worm (which is presumably under the control of one group or individual).

I've not had any of these youtube spam yet, I feel left out :(
wafflesomd 29th August 2007, 17:45 Quote
I received this email.

I'm smart enough not to open it.
sam.g.taylor 29th August 2007, 18:16 Quote
Just checked my spam box and found one.

God, I love gmail's filtering :)
Confused Fishcake 29th August 2007, 18:24 Quote
Yep, gmail stopped my 4 helpings :D Really, people who fall for these tricks shouldn't be using computers.
Delphium 29th August 2007, 18:28 Quote
Quote:
Originally Posted by Confused Fishcake
Really, people who fall for these tricks shouldn't be using computers.

After my parents setting up a pc for my gran, I could not agree more!
Mr T 29th August 2007, 20:35 Quote
I got my fair share of these too glad i hovered over the link before clicking :)
Darkangel 31st August 2007, 01:22 Quote
Quote:
Originally Posted by DarkLord7854
If people are that stupid/naive to open/click unknown links.. maybe they do deserve what they're getting.

yeh.. but sadly its the people who know nothing about computers who have to put things right :(
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.



Discuss in the forums