Valentine's Day storm warning

By Staff Writers on Jan 16, 2008 3:26PM
Valentine's Day storm warning
Anti-virus vendor, PC Tools has identified a storm worm that is taking advantage of Valentine’s Day.

The worm is delivered in an email dubbed “withlove.exe” and other Valentine’s Day themed executable names as attachments for email messages with subjects such as; “I would dream”; and “Memories of you”.

According to PC Tools, the worm delivers rootkits and maintains control of a system via peer-to-peer communications (p2p), potentially making compromised systems a tool in identity theft and financial loss.

The storm worm delivers an email with an affectionate statement, inviting the user to visit a hyperlink containing an IP address. The destination website will attempt to exploit the visitor’s system, and if it can’t, the page provides a download link for the executable file.

PC Tools’ chief threat officer, Kurt Baumgartner, said that the 2008 campaign resembles the 2007 Valentine’s Day storm campaign that pushed romantic subject lines such as “Sending you my love” and “You’re the one”, but with a Mexican twist for its dropped components.

“Interestingly, we witnessed a variant of the worm dropping files like 'burito.ini' and 'burito5e84-1216.sys' before killing anti-virus products and adding the victim’s computer to its botnet,” said Baumgartner. “The ini file maintains a list of p2p peer information for maintaining communication throughout the botnet, while the sys file is a driver that injects code deep into the operating system.”
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
antivirus pc security

Partner Content

Easily turn small, low-tech rooms into future-ready collaboration hubs
Easily turn small, low-tech rooms into future-ready collaboration hubs
Why Most MSPs Are Invisible (And What the Smart Ones Are Doing Instead)
Why Most MSPs Are Invisible (And What the Smart Ones Are Doing Instead)
Why Australia’s Industrial Leaders Are Turning to Dynamic Aspect for Dynamics 365 Business Central
Why Australia’s Industrial Leaders Are Turning to Dynamic Aspect for Dynamics 365 Business Central
Have ticket queues become your quiet business risk?
Have ticket queues become your quiet business risk?
Fabric workshops help partners tap into data services demand growth.
Fabric workshops help partners tap into data services demand growth.

Sponsored Whitepapers

Protect the data your business relies on
Protect the data your business relies on
Cut through the SASE confusion
Cut through the SASE confusion
Stay protected as cyber threats evolve
Stay protected as cyber threats evolve
Defend Your Network from the Next Generation of AI Threats
Defend Your Network from the Next Generation of AI Threats
The race to AI advantage is on. Don’t let slow consulting projects hold you back.
The race to AI advantage is on. Don’t let slow consulting projects hold you back.

Events

techpartner.news MSP index - Melbourne
techpartner.news MSP index - Melbourne
Pipeline 2026: Game Changers
Pipeline 2026: Game Changers

Most read articles

HamiltonJet partners with digital services provider Fortude

HamiltonJet partners with digital services provider Fortude
SentinelOne signs distribution agreement with Sektor

SentinelOne signs distribution agreement with Sektor
Rapid7’s new SIEM combines exposure management with threat detection

Rapid7’s new SIEM combines exposure management with threat detection
Why Kat McCrabb started with the hard stuff

Why Kat McCrabb started with the hard stuff

Log in

Email:
Password:
  |  Forgot your password?