Seasons greetings worm leads to a strip-tease

Following the seasonally appropriate variant of the Storm Worm at Halloween (see: Stormy Halloween), for Christmas Eve the creators of this pest have unleashed a Christmas version on E-mail customers. Under headings like "I love this Carol!", "Santa Said, HO HO HO" or "Christmas E-mail", English language E-mails have been sent into circulation by the Storm Bot Network. With a few innocuous words, they promise a linked Web site with a harmless-looking URL where the reader's stress will be reduced.

There, surfers are greeted by ladies in brief red and white Christmas underwear, reminiscent of UK TV adverts for the gutter press. On its own would be nothing special, but the Web site linked to by the E-mail attempts to palm off a pest on users in the form of the executable file "stripshow.exe". In a brief test by heise Security, only the scan engines of Kaspersky, F-Secure, Microsoft OneCare and Norton identified this worm. However the situation may change at any time, since another binary pest is distributed every few minutes via FastFlux servers.

So it's true at Christmas time too: recipients of E-mails with attached files or links to Web sites should observe caution and not execute the files. In all the flurry of presents and guests, moreover, users' E-mail programs, Web browsers and selected antivirus products should be kept updated to the latest version to stop pests slipping into systems unnoticed via vulnerabilities in older versions. Further tips for protection against malicious attacks can be found on heise Security's antivirus pages Anti-virus & Malware protection.

(trk)