ZDNetAsia : Printer Friendly - Storm worm e-mail says US attacked Iran

To print: Select File and then Print from your browser's menu

--------------------------------------------------------------
This story was printed from ZDNet Asia.
--------------------------------------------------------------

Storm worm e-mail says US attacked Iran

By Robert Vamosi
Thursday, July 10 2008 11:01 AM
URL: http://www.zdnetasia.com/news/security/0,39044215,62043637,00.htm

Recent e-mail messages stating that the United States has already attacked Iran and, in some cases, also offering links to a video purportedly from a soldier, are not to be believed, according to Websense.

The security vendor said in an advisory Wednesday that it has linked the provocative e-mail messages to the Storm worm.

Storm got its name because it first took advantage of a huge winter storm in Northern Europe in early 2007. Since then, it has used a variety of social engineering tricks, including the use of political themes, to get unsuspecting users to open its malicious payload.

This time Storm is offering form.exe and iran_occupation.exe as executable payloads.

Acording to Dancho Danchev over at ZDNet Asia's sister site ZDNet, the latest iteration of Storm appears to be using the following domains:

statenewsworld . com
morenewsonline . com
dailydotnews . com
dotdailynews . com
newsworldnow . com

This article was first published as a blog on CNET News.com.