Mixed messages on Valentine's spam

Storm Worm unleashes another wave of love, but ad spam may be down.

With Valentine's Day upon us at last, the creators of the so-called 'Storm Worm' have as expected released yet another barrage of their malware, now using Valentine-specific subject lines rather than the more broadly romantic topics of the last few weeks. However, while some reports say spammers in general have geared up their efforts to target the Valentine's market, other sources are seeing a marked and unexpected drop in the usual levels of festival-related spam.

The latest Storm Worm variants began arriving in inboxes overnight, with the malware executable generally labelled 'Greetings Card.exe', 'Postcard.exe', 'Flash Postcard.exe or variations on the same theme, as in previous runs, and the latest subject lines including 'For my Valentine', 'My Valentine Heart' and other usual suspects. Most sources are reporting seeing large numbers of infected emails.

In the world of more general marketing spam, some sources such as Sophos have reported the expected rise of Valentine-related mails, pushing the standard wares such as Viagra using Valentine-related messages and imagery. Over at McAfee, however, a blogger has reported his surprise at the generally low levels of topical spam, surmising that the turf war between spam gangs, implied by recent details of DDoS attacks carried out by Storm Worm variants on sites hosting Stration/Warezov malware, may be behind the lack of normal spammer activity.

'We've seen a few Valentine's-related spams here, but certainly not the avalanche we might expect,' said John Hawes, Technical Consultant at Virus Bulletin. 'It could be we've just been blinded to romantic subject lines by the weeks and weeks of Storm seedings, as it certainly seems to be business as usual for other types of spam.'

14 February 2007

Tags: del.icio.us digg this