Friday, 20 November 2009
Home arrow Reference arrow Tech Talk arrow New Storm Virus Outbreak

Advertisement
See Our Latest Ads

Click here to check out our new ads!

 

iShield
Related Items
Main Menu
Home
Products
Reference
Support
Company
Downloads
FreeScan
Purchase
New Storm Virus Outbreak

There is a new email virus that debuted in Europe last week. Emails were sent out claiming to have details on the death toll from the storm raging through Europe, which is how it got it's nickname of the storm virus. The email is sent with an executable (.exe) attachment , which is virus that can give hackers backdoor control an infected computer. StopSign detects this threat as BackDoor.Groan.

 

The payload of the storm virus is a trojan called Smash.DAM, and is one of the many email viruses that have been circulating on the internet. The emails aim to take advantage of peoples natural curiosity. It began by poising as a news related email, and is now being seen as a more general email subject. The following headers have been used by this virus;

  • 230 dead as storm batters Europe
  • US Secretary of State Condoleezza...
  • British Muslims Genocide
  • A killer at 11, he's free at 21 and...
  • Naked teens attack home director.
  • President of Russia Putin dead
  • Third World War just have started!
  • The Supreme Court has been attacked by terrorists. Sen. Mark Dayton dead!
  • The commander of a U.S. nuclear submarine lunch the rocket by mistake.
  • First Nuclear Act of Terrorism!
  • Russian missle shot down Chinese satellite
  • Russian missle shot down USA aircraft
  • Russian missle shot down USA satellite
  • Chinese missile shot down USA aircraft
  • Chinese missile shot down USA satellite
  • Sadam Hussein alive!
  • Sadam Hussein safe and sound!
  • Radical Muslim drinking enemies' blood.
  • U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
  • U.S. Southwest braces for another winter blast. More then 1000 people are dead.
  • Venezuelan leader: "Let's the War beginning".
  • Fidel Castro dead.
  • Hugo Chavez dead.
  • So in Love
  • Happy World Religion Day!
  • Most Beautiful Girl
  • Someone at Last
  • I Believe
  • The Dance of Love
  • The Miracle of Love
  • All For You
  • Vacation Love
  • I am Complete
  • Wrapped Up
  • Moonlit Waterfall
  • A Little (sex) Card
  • A Special Kiss
  • Hugging My Pillow
  • Safe and Sound
  • You're Soo kissable
  • A Romantic Place
  • Breakfast in Bed Coupon
  • For You
  • I Love You So
  • Safe and Sound
  • Want to Meet?
  • We Are Different
  • We Have Walked
  • You Asked Me Why


The emails contain an executable file as an attachment. The following files have been found as an attachment:

  • Video.exe
  • Full Clip.exe
  • Read More.exe
  • Full Story.exe
  • Full Video.exe
  • Full Text.exe
  • Flash Postcard.exe

 

Once executed, the virus will open a backdoor for hackers on the computer. The files Wincom32.ini and wincom32.sys have been associated with the Storm Virus, and would be located in the Windows system directory. The infected computer will usually be made into a botnet. A botnet is a collection of computers used send out spam, collect data, and send out denial of service attacks while under the control of a hacker. StopSign detects the virus as BackDoor.Groan, and is currently trying to gather samples of this infection for further review.

Modern email client programs, such as Outlook 2003 or 2007, will automatically block ".exe" file attachments from being opened, warning the user that the attachment is potentially dangerous. However, users of older email programs or operating systems may not be as protected. It is advised that you NEVER open any attachment that you were not expecting, even if the unexpected attachment is from someone you know, you should treat it with suspicion.

 
Design by Team StopSign | Powered by eAcceleration.com
© 2009 StopSign.com

Top!