Security alert: 'Valentine's Day' Storm gives love a bad name

The latest storm worm is delivering Valentine’s Day themed executable names as attachments – for example ‘withlove.exe’ -- in e-mail messages straight from the heart with subjects such as “I would dream” and “Memories of you”.

Valentine's Day is less than a month away, and already the special messages are flowing in. But before you click on an e-mail from a secret admirer, security vendors are warning that a new variant of the storm worm is taking advantage of star-crossed lovers and the lovelorn.

Security vendors identified the new variant of the storm worm in recent days. While it comes from the same family as the botnet-building Storm Trojan, it's called a worm because it has exhibited worm-like characteristics.

"Storm is basically self-replicating and goes everywhere. The storm worm -- once it infects a PC -- will go through every file to find e-mail addresses," said Simon Clausen, chief executive officer of PC Tools. "When it gets these addresses it will send itself out to those people using these e-mails."

Security company PC Tools warns consumers that the worm delivers rootkits and maintains control of a system via peer-to-peer (p2p) communications. This type of threat has appeared repeatedly over the last 12 months, disguised in e-mails themed around a variety of world events and popular holidays such as Christmas. Storm is actively being developed by the hackers distributing it. The Storm worm today versus the storm worm a year ago is a very different threat.

So this new variant was bound to happen; just don't let it happen to you. The usual advice applies: don't click on e-mail links. If you get a suspicious e-mail, especially from someone you don't know, the best way to remove it from your inbox is to put it in the trash.
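The subjects and attachment names change with each campaign, so a mail filter that keys on the file type rather than the name holds up better. The following Python sketch is an added example, not code from the article or from PC Tools; the sample message, the addresses and the extension list are constructed assumptions.

```python
import email
from email import policy

# Assumed blocklist of Windows-executable extensions (illustrative, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}

# Constructed sample message modelled on the subject and attachment name
# quoted in the article; the addresses and payload bytes are made up.
SAMPLE = b"""\
From: admirer@example.com
To: user@example.org
Subject: Memories of you
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

With love.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="withlove.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAA=
--b1--
"""

def executable_attachments(raw: bytes) -> list[str]:
    """Return names of MIME parts that look like Windows executables."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = (part.get_filename() or "").strip().lower()
        payload = part.get_payload(decode=True) or b""
        # Flag on extension OR on the 'MZ' header, so an executable
        # renamed to something harmless-looking is still caught.
        by_ext = any(name.endswith(ext) for ext in EXECUTABLE_EXTS)
        by_magic = payload[:2] == b"MZ"
        if by_ext or by_magic:
            hits.append(name or "<unnamed>")
    return hits

if __name__ == "__main__":
    print(executable_attachments(SAMPLE))
```
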

Clausen says consumers need to be aware that clicking on the link will immediately infect your PC. "If you click on the URL and go to the Web site, then you are already infected. Once you click on the URL a Java script runs, downloads and installs a rootkit, and you won't easily find it on your PC as it is hidden, although you might see an increase in hard drive activity as it searches through your files."

"Interestingly, we witnessed a variant of the worm dropping files like 'burito.ini' and 'burito5e84-1216.sys' before killing antivirus products and adding the victim's computer to its botnet," said PC Tools chief threat officer, Kurt Baumgartner. "The .ini file maintains a list of p2p information for maintaining communication throughout the botnet, while the .sys file is a driver that injects code deep into the operating system."

Amanda Conroy

PC World