During the past weekend, Internet users across the globe opened a spam email
thinking that they had been caught in a video which was then uploaded to YouTube. Unfortunately for them, the links contained in the emails directed to a website that proceeded to download malware in an attempt to turn their computer into a remote controlled Zombie.
Subjects such as "this i (sic) not good. If this video gets to her husband your both dead. see for yourself" and "You can see your face right in the video. its all over the web dude. take a look, lol" created enough of a stir to get users to open the emails. A link to the supposed video was included then ended up leading to the malicious website.
"Given the popularity of YouTube videos
," said Dmitri Alperovitch, principal research scientist at Secure Computing, "this latest tactic has an even greater chance of duping more people into clicking on the Storm's infectious links and continuing to enlarge the number of machines that the Russian botmasters, who are behind Storm, have under their control
The group behind all of this? Storm Botnet.
Storm Botnet has been sending out the storm worm for several months and has even begun to get their zombie computers to attack computers that are trying to eradicate it
. The storm worm
that the group has included in most of its recent activities was first discovered back in January of this year.
HTML spam is becoming increasingly popular among malware writers and this latest round of spam emails just helps to prove that. The links appeared to be valid links to the YouTube website but when the link was hovered over (as I'm sure the vast majority of you do), it actually pointed to a numeric IP address of another server.
With how intertwined the Internet is with our lives, maybe ISPs should provide documentation to all of their users on how to avoid simple spoofing such as these. What do you think? Discuss it over in the forums
or in the comment section below.