A significant network attack was launched globally in the early hours of Thursday morning (GMT) using news of a European storm as the hook to lure the unsuspecting. The message, which was created and launched literally as the storm raged, is exploiting a timely widescale media event as the key mechanism for delivering its payload.
The Trojan was distributed in messages with subject line of “230 dead as storm batters Europe”. The payload in this case was the Small.DAM Trojan that was downloaded into all vulnerable machines upon opening of the spam mail’s attachment such as “Read More.exe”. Once inside the machine, the Trojan creates a backdoor that can be exploited later by the malware authors behind the assault.
As has been seen with other attacks, the likely intention is to create a new raft of zombie computers to steal information and to further propagate large-scale spam and phishing runs.
In addition to the headline “230 dead as storm batters Europe” the spam uses a number of other provocative headlines. Attachments may be of the following filenames: “Full Clip.exe”; “Full Story.exe”; “Read More.exe” and “Video.exe”.
The assault was first picked up by F-Secure Security Labs Kuala Lumpur during the very early hours of Friday European time. The timing of the assault and its detection in Asia leads researchers to believe that the assault also originated in the region.
User of Apple’s Macintosh computers are unaffected.
More info via F-Secure here: http://www.f-secure.com/v-descs/small_dam.shtml
Apple touts virus-free Macs – August 25, 2006
Microsoft’s Windows is inherently more vulnerable to severe malware than Apple’s Mac OS X – August 23, 2006
Chicago Tribune falls for the ‘Security Via Obscurity’ myth – August 14, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Gartner analyst tries to propagate discounted Mac OS X ‘security via obscurity’ myth via BBC – July 06, 2006
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Apple Macs are inherently safer and more secure than Microsoft Windows – November 22, 2005
BusinessWeek columnist propagates discounted ‘Apple Mac security via obscurity myth’ – September 06, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
USA Today calls iMac G5 ‘exquisite’ but implies Mac OS X more secure than Windows due to obscurity – September 30, 2004
Another columnist trots out Mac OS X ‘Security through Obscurity’ myth – April 03, 2004
Gates: Windows ‘by far the most secure’ system; tries to use ‘Mac OS X secure through obscurity’ myth – January 27, 2004
Q&A Columnist uses ‘security through obscurity’ myth to defend Windows vs. Mac on virus issue – October 04, 2003
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 01, 2003
New York Times: Mac OS X ‘much more secure than Windows XP’ – September 18, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Is Mac OS X really inherently more secure than Windows? – August 26, 2003
Virus and worm problems not just due to market share; Windows inherently insecure vs. Mac OS X – August 24, 2003