Recent e-mail messages stating that the United States has already attacked Iran and, in some cases, also offering links to a video purportedly from a soldier, are not to be believed, according to Websense.
The security vendor said in an advisory Wednesday that it has linked the provocative e-mail messages to the Storm worm.
Storm got its name because it first took advantage of a huge winter storm in Northern Europe in early 2007. Since then, it has used a variety of social engineering tricks, including the use of political themes, to get unsuspecting users to open its malicious payload.
This time Storm is offering form.exe and iran_occupation.exe as executable payloads.
Acording to Dancho Danchev over at ZDNet Asia's sister site ZDNet, the latest iteration of Storm appears to be using the following domains:
- statenewsworld . com
- morenewsonline . com
- dailydotnews . com
- dotdailynews . com
- newsworldnow . com
This article was first published as a blog on CNET News.com.
Play video
There are currently no comments for this post.