Storm Worm

Share the knowledge

The storm worm is a back door Trojan horse that began infecting personal computers across Europe and the U.S. back in January 2007. On Friday, January 19, 2007, storm worm began attacking computers using an e-mail message with a subject line about a recent weather disaster, “230 dead as storm batters Europe”. During the weekend there were six waves of the attack across Europe and the U.S. Since then, it is estimated that the storm worm has infected more than 10 million computers around the world.

Here’s how the storm worm works. The Washington Post explains that: “A PC infected with Storm will either be used to blast out millions of junk e-mails advertising Web links that when clicked attempt to download a copy of the worm, or it will serve as the destination for that link — essentially hosting the latest copy of the worm for download. Ever since its release in January, the Storm worm has been used almost exclusively either to spread the worm or to tout penny stocks in “pump-and-dump” investment scams. Recently, however, security experts have spotted evidence that the Storm network is being rented out to online pharmacy spammers as well.”

Storm worm is also called “F-Secure” and it also has more than a dozen other names including:

·Small.dam or Trojan-Downloader.Win32.Small.dam (F-Secure)
·CME-711 (MITRE)
·W32/[email protected] and Downloader-BAI (specific variant) (McAfee)
·Troj/Dorf and Mal/Dorf (Sophos)
·Trojan.DL.Tibs.Gen!Pac13[3]
·Trojan.Downloader-647
·Trojan.Peacomm (Symantec)
·TROJ_SMALL.EDW (Trend Micro)
·Win32/Nuwar (ESET)
·Win32/[email protected]!CME-711 (Windows Live OneCare)
·W32/Zhelatin (F-Secure and Kaspersky)
·Trojan.Peed, Trojan.Tibs (BitDefender)

There are several ways to either get rid of Trojan horses like storm worm or prevent Trojan horses from infecting your computer. To get rid of malicious software there are a number of free Trojan and worm removal software downloads available on the web. Before you download any type of Trojan or worm removal tool it is important to make sure that the download is from a trusted source. If you are running Windows, stick with Microsoft software downloads. Microsoft offers its “Windows Malicious Software Removal Tool” free of charge for its Windows operating system. The great thing about this free Trojan and worm removal tool is that it updates once a month and reports if malicious software is found.

Other malicious software and worm removal tools include: Norton AntiVirus and McAfee Antivirus. These software programs are not free. It is important to note that while the Microsoft Software Removal Tool helps remove infections, it does not prevent them. If you want added security, it’s best to install Norton or McAfee as well.

From Microsoft:

The Microsoft Windows Malicious Software Removal Tool checks Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software including Blaster Worm, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder.

Version 1.30 adds Win32/Allaple to the list of malicious software this tool detects.

You can download directly from the Microsoft website or Cnet.com.


Share the knowledge
Share:

Author: The Top Worm

Leave a Reply

Your email address will not be published.