Wednesday, February 28, 2007

Storm Worm Attacking Through Blogs

From ZDNet:

    The new Storm Worm variant attacks the machines of unsuspecting users when they open an e-mail attachment, click on a malicious e-mail link or visit a malicious site, said Dmitri Alperovitch, principal research scientist at Secure Computing.

    But the twist comes when these people later post blogs or bulletin board notices. The software will insert into each of their postings a link to a malicious Web site, said Alperovitch, who rates the threat as "high."

    "We haven't seen the Web channel used before," he said. "In the past, we've seen malicious links distributed to people in a user's address book and made to look like it's an instant message coming from them."
Sadly, neither ZD nor anything else I have found give any clue as to how to find out if your blog is infected or what to do if it is. And they don't tell whether certain platforms are more vulnerable than others.

Given that some local blogs appear to be acting strangely, this may already be happening to some of our friends.

On the other hand, I'm always looking for signs that people outside the 'sphere take us seriously. So now, add hackers to the list! Yay us!