Windows ‘Storm Worm’ rages across globe; Apple Macintosh unaffected

A significant network attack was launched globally in the early hours of Thursday morning (GMT) using news of a European storm as the hook to lure the unsuspecting. The message, which was created and launched literally as the storm raged, is exploiting a timely widescale media event as the key mechanism for delivering its payload.

The Trojan was distributed in messages with the subject line “230 dead as storm batters Europe”. The payload in this case was the Small.DAM Trojan, which was downloaded onto all vulnerable machines when the spam mail’s attachment, such as “Read More.exe”, was opened. Once inside the machine, the Trojan creates a backdoor that can be exploited later by the malware authors behind the assault.

As has been seen with other attacks, the likely intention is to create a new raft of zombie computers to steal information and to further propagate large-scale spam and phishing runs.

In addition to the headline “230 dead as storm batters Europe” the spam uses a number of other provocative headlines. Attachments may be of the following filenames: “Full Clip.exe”; “Full Story.exe”; “Read More.exe” and “Video.exe”.
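As an added example (not from F-Secure or the original article), here is a mail-gateway triage check in Python that uses the subject line and attachment names reported above. The extension list, function names and sample messages are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Indicators quoted in the article text.
REPORTED_SUBJECT = "230 dead as storm batters Europe"
REPORTED_NAMES = {"full clip.exe", "full story.exe", "read more.exe", "video.exe"}
# Assumption: a small illustrative set of Windows executable extensions.
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com")


def triage(raw_bytes):
    """Return the reasons to quarantine a raw message (empty list if none)."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    reasons = []
    subject = str(msg.get("Subject", ""))
    if REPORTED_SUBJECT.lower() in subject.lower():
        reasons.append("subject matches reported lure")
    for part in msg.iter_attachments():
        # Compare on the declared filename, case-insensitively.
        name = (part.get_filename() or "").strip().lower()
        if name in REPORTED_NAMES:
            reasons.append(f"attachment name reported in campaign: {name}")
        elif name.endswith(EXECUTABLE_EXTS):
            # Also catches double extensions such as "photos.jpg.scr".
            reasons.append(f"executable attachment: {name}")
    return reasons


def build_sample(subject, filename, payload=b"constructed placeholder bytes"):
    """Build a constructed test message (not a captured sample)."""
    m = EmailMessage()
    m["From"] = "sender@example.test"
    m["To"] = "user@example.test"
    m["Subject"] = subject
    m.set_content("See attachment.")
    m.add_attachment(payload, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    samples = [(REPORTED_SUBJECT, "Read More.exe"),
               ("Quarterly numbers", "report.pdf"),
               ("Holiday photos", "photos.jpg.scr")]
    for subj, fname in samples:
        print(subj, "->", triage(build_sample(subj, fname)))
```

Matching on the executable extension rather than only on the four reported names matters because the article notes the spam uses other headlines as well.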

The assault was first picked up by F-Secure Security Labs Kuala Lumpur during the very early hours of Friday European time. The timing of the assault and its detection in Asia leads researchers to believe that the assault also originated in the region.

Users of Apple’s Macintosh computers are unaffected.

More info via F-Secure here: http://www.f-secure.com/v-descs/small_dam.shtml

Related articles:
Apple touts virus-free Macs – August 25, 2006
Microsoft’s Windows is inherently more vulnerable to severe malware than Apple’s Mac OS X – August 23, 2006
Chicago Tribune falls for the ‘Security Via Obscurity’ myth – August 14, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Gartner analyst tries to propagate discounted Mac OS X ‘security via obscurity’ myth via BBC – July 06, 2006
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Apple Macs are inherently safer and more secure than Microsoft Windows – November 22, 2005
BusinessWeek columnist propagates discounted ‘Apple Mac security via obscurity myth’ – September 06, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
USA Today calls iMac G5 ‘exquisite’ but implies Mac OS X more secure than Windows due to obscurity – September 30, 2004
Another columnist trots out Mac OS X ‘Security through Obscurity’ myth – April 03, 2004
Gates: Windows ‘by far the most secure’ system; tries to use ‘Mac OS X secure through obscurity’ myth – January 27, 2004
Q&A Columnist uses ‘security through obscurity’ myth to defend Windows vs. Mac on virus issue – October 04, 2003
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 01, 2003
New York Times: Mac OS X ‘much more secure than Windows XP’ – September 18, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Is Mac OS X really inherently more secure than Windows? – August 26, 2003
Virus and worm problems not just due to market share; Windows inherently insecure vs. Mac OS X – August 24, 2003

41 Comments

  1. Could someone explain to me how it comes Windows users are such IDIOTS? If the attachment has filename with extension .exe what the averaged moron on Windows think it will do by double-clicking it? reading a text file?

    The vast majority of idiots in the world all choose Windows as the OS to run on their computer. They should stick to pen and paper.

    Gotcha: they will still catch and spread virus licking the envelopes. Truth is, you can’t help morons.

  2. As we’ve learned all too well, this TOO won’t matter to tried and true PeeCee users. It’s the Munchausen Syndrome for these idiots or nothing. The more pain and suffering they and their friends have to bear, the more pity and attention they receive.

    As well as . . .

    JOB SECURITY! JOB SECURITY! JOB SECURITY! JOB SECURITY! JOB SECURITY!

  3. Vista’s idea of security is asking the user for permission to install software (not having to type in a password, just clicking OK). If a user is dumb enough to double click an EXE file they are clearly going to give permission!!!

  4. It’s scary that so many computers vital to the infrastructure of the U.S. run on Winblows. I can’t understand why some person or business or government agency hasn’t sued Mafia$oft for their shoddy OS and the time and money spent shoring it up on the user’s end. Lemmings!

  5. “Could someone explain to me how it comes Windows users are such IDIOTS? If the attachment has filename with extension .exe what the averaged moron on Windows think it will do by double-clicking it? reading a text file?”

    Well, a couple of reasons.

    First, as I understand it, Windows either shows you extensions or doesn’t show you extensions. Unlike Mac OS X, where it is based on the file. So it’s quite possible that Windows is not showing you the extension, because you told it not to. After all, who wants to see all those “.exe”s after the filename.

    Second, most people don’t know to look at extensions anyway and just double-click on the pretty icon anyway. Trust me, Mac users are just as stupid–perhaps more so, because we’re safe from these things.

    “The worm affects Vista installations as well.”

    Well, since it’s delivered as a Trojan, I would have no doubts of its ability to infect Vista. The question is, when it tries to install its payload, does Vista put up appropriate dialogs asking the user if this is OK?

  6. Quote: “Anyone notice that the ‘Month of Apple Bugs’ has gone fairly silent?”

    No, but what I have noticed is that many of the bugs seem to be X86 based rather than PPC. Also not all are bugs in OSX, but in apps which can lead to a security risk.

  7. “Too Amazing” is right. It’s scary and true: Most Mac users whose computers I have repaired over the past several years would also click on a malware attachment quite happily without a second thought.

    The people that read forums like MDN, MacInTouch, and others may be the “savvy” ones, but we are definitely in the minority.

    It’s simply amazing to me that we haven’t seen lots of malware on Macs, even under System 7, OS 8, 9, and so on, based on “social engineering” like the trojan mentioned in the article. Just go to milw0rm.com any minute of any day and you’ll see what kinds of forums those guys have going.
