Malicious spam downloads malware in attempt to turn PCs into botnets.
Experts have warned of a widespread e-mail posing as a message of love which has been widely spammed across the Internet in an attempt to install malicious code. The gang behind the latest incarnation of the Dorf Trojan (also known as Storm Worm) have deliberately spammed out a "romantic" e-mail campaign, luring unsuspecting computer users to dangerous Web sites.
Subject lines used in the attack are many and varied, but all pose as a romantic message. Some of them include:
The body of the e-mail contains a link to an IP-address based Web site, which is actually one of the many compromised PCs in the Storm botnet. The Web site displays a large red heart, while installing malware onto the vistors' PC.
"This heart attack has been spammed out on a huge scale by an organized gang hellbent on stealing access to your PC for criminal purposes. It seems the hackers were too impatient to wait for St. Valentine's Day this year before plucking on heart strings in their attempt to infect the unwary," said Graham Cluley, senior technology consultant for Sophos. "People will be truly love sick if they let the malicious code run on their PC."
Analysts believe that the worm code is designed to attempt to download further malicious code from the Internet designed to take over the PC, convert it into part of a zombie network, and use it to send spam on behalf of hacking gangs.
"Your PC and the data on it is precious, and it needs to be protected. No one should be blinded by an unexpected romantic message into clicking on links to unknown Web sites. The best defense is common sense, combined with up-to-date anti-virus software and spam protection at your gateway," continued Cluley.