A significant network attack was launched globally in the early hours of Thursday morning (GMT) using news of a European storm as the hook to lure the unsuspecting. The message, which was created and launched literally as the storm raged, is exploiting a timely widescale media event as the key mechanism for delivering its payload.
The Trojan was distributed in messages with the subject line “230 dead as storm batters Europe”. The payload in this case was the Small.DAM Trojan, which was downloaded onto all vulnerable machines when the recipient opened the spam mail’s attachment, such as “Read More.exe”. Once inside the machine, the Trojan creates a backdoor that can be exploited later by the malware authors behind the assault.
As has been seen with other attacks, the likely intention is to create a new raft of zombie computers to steal information and to further propagate large-scale spam and phishing runs.
In addition to the headline “230 dead as storm batters Europe” the spam uses a number of other provocative headlines. Attachments may be of the following filenames: “Full Clip.exe”; “Full Story.exe”; “Read More.exe” and “Video.exe”.
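A mail-gateway check for the delivery method described above, as an added example that is not from F-Secure or the original article: it parses a message and flags attachments whose final extension is executable, and goes beyond the four listed names by also catching decoy double extensions such as `name.txt.exe`. The extension lists, function names and sample addresses are assumptions.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extensions Windows runs on double-click (assumed blocklist; extend per policy).
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}
# Document-like extensions used as a decoy before the real one (assumed list).
DECOY_EXTS = {".txt", ".doc", ".pdf", ".jpg", ".avi", ".mpg"}


def risky_attachments(raw_message: bytes):
    """Return [(filename, reason)] for attachments that would execute on Windows."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.walk():  # walk() also reaches attachments in nested parts
        name = (part.get_filename() or "").strip()
        if not name:
            continue
        # Windows drops trailing dots and spaces, so "a.exe." still runs.
        suffixes = [s.lower() for s in PurePosixPath(name.rstrip(". ")).suffixes]
        if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
            continue
        if len(suffixes) > 1 and suffixes[-2] in DECOY_EXTS:
            reason = "decoy double extension"
        else:
            reason = "executable attachment"
        findings.append((name, reason))
    return findings


def build_sample(filename: str) -> bytes:
    """Constructed test message; the attachment body is inert placeholder bytes."""
    m = EmailMessage()
    m["Subject"] = "230 dead as storm batters Europe"
    m["From"] = "sender@example.com"
    m["To"] = "user@example.com"
    m.set_content("Read more in the attached file.")
    m.add_attachment(b"placeholder bytes, not a program", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    for fn in ("Read More.exe", "Readthis.txt.exe", "notes.txt"):
        print(fn, "->", risky_attachments(build_sample(fn)))
```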
The assault was first picked up by F-Secure Security Labs Kuala Lumpur during the very early hours of Friday European time. The timing of the assault and its detection in Asia leads researchers to believe that the assault also originated in the region.
Users of Apple’s Macintosh computers are unaffected.
More info via F-Secure here: http://www.f-secure.com/v-descs/small_dam.shtml
Related articles:
Apple touts virus-free Macs – August 25, 2006
Microsoft’s Windows is inherently more vulnerable to severe malware than Apple’s Mac OS X – August 23, 2006
Chicago Tribune falls for the ‘Security Via Obscurity’ myth – August 14, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Gartner analyst tries to propagate discounted Mac OS X ‘security via obscurity’ myth via BBC – July 06, 2006
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Apple Macs are inherently safer and more secure than Microsoft Windows – November 22, 2005
BusinessWeek columnist propagates discounted ‘Apple Mac security via obscurity myth’ – September 06, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
USA Today calls iMac G5 ‘exquisite’ but implies Mac OS X more secure than Windows due to obscurity – September 30, 2004
Another columnist trots out Mac OS X ‘Security through Obscurity’ myth – April 03, 2004
Gates: Windows ‘by far the most secure’ system; tries to use ‘Mac OS X secure through obscurity’ myth – January 27, 2004
Q&A Columnist uses ‘security through obscurity’ myth to defend Windows vs. Mac on virus issue – October 04, 2003
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 01, 2003
New York Times: Mac OS X ‘much more secure than Windows XP’ – September 18, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Is Mac OS X really inherently more secure than Windows? – August 26, 2003
Virus and worm problems not just due to market share; Windows inherently insecure vs. Mac OS X – August 24, 2003
bwahahahahahaha
Could someone explain to me how it comes Windows users are such IDIOTS? If the attachment has filename with extension .exe what the averaged moron on Windows think it will do by double-clicking it? reading a text file?
The vast majority of idiots in the world all choose Windows as the OS to run on their computer. They should stick to pen and paper.
Gotcha: they will still catch and spread virus licking the envelopes. Truth is, you can’t help morons.
As we’ve learned all too well, this TOO won’t matter to tried and true PeeCee users. It’s the Munchausen Syndrome for these idiots or nothing. The more pain and suffering they and their friends have to bear, the more pity and attention they receive.
As well as . . .
JOB SECURITY! JOB SECURITY! JOB SECURITY! JOB SECURITY! JOB SECURITY!
The worm affects Vista installations as well. Vista: the most secure Windows version so far. Literally.
Vista’s idea of security is asking the user for permission to install software (not having to type in a password, just clicking OK). If a user is dumb enough to double click an EXE file they are clearly going to give permission!!!
Wasn’t Vista supposed to require “approval” to install new applications? How does this affect Vista users?
P.S. LOOOVE that it does, though!
It’s scary that so many computers vital to the infrastructure of the U.S. run on Winblows. I can’t understand why some person or business or government agency hasn’t sued Mafia$oft for their shoddy OS and the time and money spent shoring it up on the user’s end. Lemmings!
Jake,
The “approval” process for Vista is clicking on a button in a pop-up window that says “OK”. No password authentication needed. Yeah, that’s good OS design Microsucks!
“Could someone explain to me how it comes Windows users are such IDIOTS? If the attachment has filename with extension .exe what the averaged moron on Windows think it will do by double-clicking it? reading a text file?”
Well, a couple of reasons.
First, as I understand it, Windows either shows you extensions or doesn’t show you extensions. Unlike Mac OS X, where it is based on the file. So it’s quite possible that Windows is not showing you the extension, because you told it not to. After all, who wants to see all those “.exe”s after the filename.
Second, most people don’t know to look at extensions anyway and just double-click on the pretty icon anyway. Trust me, Mac users are just as stupid–perhaps more so, because we’re safe from these things.
“The worm affects Vista installations as well.”
Well, since it’s delivered as a Trojan, I would have no doubts of its ability to infect Vista. The question is, when it tries to install its payload, does Vista put up appropriate dialogs asking the user if this is OK.
Speaking of Malware…..
Anyone notice that the ‘Month of Apple Bugs’ has gone fairly silent?
Quote: “Anyone notice that the ‘Month of Apple Bugs’ has gone fairly silent?”
No, but what I have noticed is that many of the bugs seem to be X86 based rather than PPC. Also not all are bugs in OSX, but in apps which can lead to a security risk.
Wait, shouldn’t the month of Apple Bugs have turned out a virulent Mac world destroying worm by now? I mean the combination of up to 18 confirmed bugs should have affected at least TWO macs by now, right?
Simple:
Noticed that myself. Can’t say I’m sorry to see them make fools of themselves.
actually, you would be surprised how many mac users would also download and run an app from an email. not everyone is as intelligent and savvy as you. although they might be less snobby and egotistical.
“Too Amazing” is right. It’s scary and true: Most Mac users whose computers I have repaired over the past several years would also click on a malware attachment quite happily without a second thought.
The people that read forums like MDN, MacInTouch, and others may be the “savvy” ones, but we are definitely in the minority.
It’s simply amazing to me that we haven’t seen lots of malware on Macs, even under System 7, OS 8, 9, and so on, based on “social engineering” like the trojan mentioned in the article. Just go to milw0rm.com any minute of any day and you’ll see what kinds of forums those guys have going.
> you would be surprised how many mac users would also download and run an app from an email.
Except that Mac OS X gives a warning, [whatever].app is running for the first time, do you want to continue? (or words to that effect). If that does not put up a red flag with the user, he/she deserves the consequences.
Also, even if an evil program is run by a clueless user, it will only affect the areas of the computer to which the user’s account has permissions. It cannot “create a new raft of zombie computers to steal information and to further propagate large-scale spam and phishing runs.” It may be possible, but real world evidence (lack of such malware for Mac OS X) shows that it would be really difficult. Which is why malware authors don’t even bother trying, when Windows PCs are infinitely more exploitable.
Cubert writes: “It’s scary that so many computers vital to the infrastructure of the U.S. run on Winblows. I can’t understand why some person or business or government agency hasn’t sued Mafia$oft for their shoddy OS and the time and money spent shoring it up on the user’s end. Lemmings!”
I remember the reaction of the security community several years ago when the new CIO for Homeland Security (!) said the agencies being brought together would standardize on Microsoft Windows. The Sasser worm hit a few months later. Do we feel secure now?
Nor does the government utilize what leverage it has against Microsoft. During the years the US Justice Department was in legal battle against Microsoft, Justice was actively standardizing on Windows and Office.
As to why Microsoft hasn’t been sued for damages, check the End User License Agreement. You use the software at your own risk. I’d bet most folks don’t know that.
Could someone explain to me how it comes Windows users are such IDIOTS? If the attachment has filename with extension .exe what the averaged moron on Windows think it will do by double-clicking it? reading a text file?
You have to understand…by default Windows doesn’t SHOW them that there is an .exe on the end of it.
Moreover, if it’s labeled Readthis.txt.exe, Windows shows Readthis.txt to the poor sap.
This is one of the 9,347 reasons why Windows is a friggin’ security nightmare.
Years ago when I first started getting into computers, I told my PC-centric brother-in-law that I had decided to go Mac. Back then, I didn’t know anything about any sort of rivalry between Mac and PC people. Wouldn’t have thought it anymore than a rivalry between Hitachi TV people and Sony TV people. Anyway, I told him I decided to go with Mac because it was more user-friendly. He promptly told me that Macs were for people who don’t know very much about running computers (*rolls eyes*). Not being fond of being insulted, our relationship soured after that. It was my first introduction into PC-based dementia.
I have had great satisfaction watching Apple run circles around the entire PC world since then. I have fun bad-mouthing Bill Gates (whom he has a biography of!), MS, and Michael Dell, in his presence and talking about how Apple and Steve Jobs makes them all look ridiculous. And there’s nothing he can really come back at me with. And I know those PC guy commercials must drive him nuts. I’ve heard a lot of crap over the years from PC jerks that talk about Mac users having a smug attitude, but in my experience, it is the PC-centric lowers with the bad attitude, and nothing to back it up with.
Anyway, these idiots clicking on those unsolicited .exe files I guess are examples of the fact that PC users really are the ones that know more about running computers.
So true, Oops. And, usually the comeback argument for one of these PC-defenders isn’t even true anymore. They love to compare XP to System 7 on a 12-year old Mac.
99.9% of Windows PC users have no idea about dot-extensions like .exe, .jpg, or .doc. These people are sometimes called the “great unwashed”. They obtained a computer because “it’s all the rage”; along with high-speed connectivity. They also tend to leave their computers on 24/7 and their on-line habits are deplorable: tending to open almost every spam message, and clicking on just about every email link thrown at them. THESE FOLKS ARE NAIVE AND WAY TOO TRUSTING, and they are like this because Microsoft had told them that they didn’t need to worry about anything. Now the fhit has hit the san. Dangerous and costly electronic epidemics abound.
The real culprit is Microsoft. They have built swiss-cheese OSs, rushed them out the door without sufficient security testing, with the hope that users would find and report the problem areas. Microsoft is disgustingly culpable. They have grossly violated their fiduciary responsibility to unsuspecting users. With thousands of programmers in-house, surely they could have set up a crack security group to look for OS and app holes. But nooooooooo, it just slows things down.
Microsoft should be held financially responsible for ABSOLUTELY EVERY online theft that has occurred and should reimburse all users, financial institutions, and insurance companies WORLDWIDE who have lost money due to their ridiculous software. Billionaire Ballmer should be put in jail for premeditated first-degree faulty product distribution.
“So true, Oops. And, usually the comeback argument for one of these PC-defenders isn’t even true anymore. They love to compare XP to System 7 on a 12-year old Mac.”
Yes. Every “computer expert” I know that bashes Macs usually starts out by saying, “Well, I used Macs back in high school and…”
ow angry they’d get if I compared my current Core 2 laptop with some crappy 386 machine with Windows 3.1.
PC users are generally dumb (but not all).
hopefully more of this malware will lead to more switchers
Want to see what the U.S. Law thinks of malware?
http://www.alternet.org/rights/46925/
Questionable Conviction of Connecticut Teacher in Pop up Porn Case
http://www.foxnews.com/story/0,2933,244009,00.html
In Child Porn Case, Technology Entraps the Innocent
Niffy
“Could someone explain to me how it comes Windows users are such IDIOTS?”
You find the answer in your question…