NFL Kickoff Weekend Brings Another Storm Worm Attack - InformationWeek
IoT
IoT
Software // Enterprise Applications
News
9/10/2007
02:54 PM
50%
50%
RELATED EVENTS
[Best Practices] Managing Multiple Clouds
Jul 26, 2017
Putting all your eggs in one cloud basket is risky, because clouds are not immune to denials of se ...Read More>>

NFL Kickoff Weekend Brings Another Storm Worm Attack

The Storm worm authors are taking advantage of the excitement around the opening days of the professional football season to add more victims to their botnet.

Are you ready for some football?

That could be the motto for the authors of the virulent Storm worm. After months of social engineering tricks centered around fake news alerts, promises of photos of scantily clad female celebrities, and even patch updates, the malware authors have turned their attention to the opening days of the U.S. football season.

"Anything to do with NFL at this time is going to be compelling for a lot of users," said Ron O'Brien, a senior security analyst with Sophos, in an interview. "This wasn't completely unexpected. The NFL season, particularly in the U.S. and with the rise of fantasy football, almost qualifies as a holiday. As we'd expect to see social engineering techniques arise around the holidays, like Mother's Day, we expect to see them arise with the start of football season."

The NFL (National Football League) season opened on Thursday, Sept. 6.

The Storm worm authors have been pounding the Internet with waves of mass mailings in an attempt to build up their botnet. The bigger and more far-reaching their botnet, the more spam they can send out and the more powerful denial-of-service attacks they can launch.

Cybercriminals commonly use holidays or major news items as the basis for new social engineering tricks. At the beginning of the month, for instance, the Storm worm authors sent out phony Labor Day e-cards, trying to lure unsuspecting users into clicking on a link that would supposedly take them to an electronic greeting card but actually took them to a malicious Web site where their machine was infected.

Both Sophos and the Internet Storm Center alerted users that the hackers sent out a new Storm worm campaign over the weekend.

This one came in the form of an e-mail with subject lines like: Are you ready for football season?; Free NFL Game Tracker; Football Season Is Here!; and Do you have your NFL Game List? The e-mail contains a link to a Web page that has the actual game results but all URLs in the page link to a malicious file, tracker.exe.

"The game result displayed is the real result," said O'Brien. "The person or persons responsible for this did their homework. It's indicative of the fact that they're constantly looking for new ways to add machines to their botnet."

Sophos is calling this variant of the Storm worm Mal/Dorf.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
[Interop ITX 2017] State Of DevOps Report
[Interop ITX 2017] State Of DevOps Report
The DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll