Software // Enterprise Applications
02:54 PM

NFL Kickoff Weekend Brings Another Storm Worm Attack

The Storm worm authors are taking advantage of the excitement around the opening days of the professional football season to add more victims to their botnet.

Are you ready for some football?

That could be the motto for the authors of the virulent Storm worm. After months of social engineering tricks centered around fake news alerts, promises of photos of scantily clad female celebrities, and even patch updates, the malware authors have turned their attention to the opening days of the U.S. football season.

"Anything to do with NFL at this time is going to be compelling for a lot of users," said Ron O'Brien, a senior security analyst with Sophos, in an interview. "This wasn't completely unexpected. The NFL season, particularly in the U.S. and with the rise of fantasy football, almost qualifies as a holiday. As we'd expect to see social engineering techniques arise around the holidays, like Mother's Day, we expect to see them arise with the start of football season."

The NFL (National Football League) season opened on Thursday, Sept. 6.

The Storm worm authors have been pounding the Internet with waves of mass mailings in an attempt to build up their botnet. The bigger and more far-reaching their botnet, the more spam they can send out and the more powerful denial-of-service attacks they can launch.

Cybercriminals commonly use holidays or major news items as the basis for new social engineering tricks. At the beginning of the month, for instance, the Storm worm authors sent out phony Labor Day e-cards, trying to lure unsuspecting users into clicking on a link that would supposedly take them to an electronic greeting card but actually took them to a malicious Web site where their machine was infected.

Both Sophos and the Internet Storm Center alerted users that the hackers sent out a new Storm worm campaign over the weekend.

This one came in the form of an e-mail with subject lines like: Are you ready for football season?; Free NFL Game Tracker; Football Season Is Here!; and Do you have your NFL Game List? The e-mail contains a link to a Web page that has the actual game results but all URLs in the page link to a malicious file, tracker.exe.

"The game result displayed is the real result," said O'Brien. "The person or persons responsible for this did their homework. It's indicative of the fact that they're constantly looking for new ways to add machines to their botnet."

Sophos is calling this variant of the Storm worm Mal/Dorf.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.