Mixed messages on Valentine's spam
Storm Worm unleashes another wave of love, but ad spam may be down.
With Valentine's Day upon us at last, the creators of the so-called 'Storm Worm' have as expected released yet another barrage of their malware, now using Valentine-specific subject lines rather than the more broadly romantic topics of the last few weeks. However, while some reports say spammers in general have geared up their efforts to target the Valentine's market, other sources are seeing a marked and unexpected drop in the usual levels of festival-related spam.

The latest Storm Worm variants began arriving in inboxes overnight, with the malware executable generally labelled 'Greetings Card.exe', 'Postcard.exe', 'Flash Postcard.exe or variations on the same theme, as in previous runs, and the latest subject lines including 'For my Valentine', 'My Valentine Heart' and other usual suspects. Most sources are reporting seeing large numbers of infected emails.
In the world of more general marketing spam, some sources such as Sophos have reported the expected rise of Valentine-related mails, pushing the standard wares such as Viagra using Valentine-related messages and imagery. Over at McAfee, however, a blogger has reported his surprise at the generally low levels of topical spam, surmising that the turf war between spam gangs, implied by recent details of DDoS attacks carried out by Storm Worm variants on sites hosting Stration/Warezov malware, may be behind the lack of normal spammer activity.
'We've seen a few Valentine's-related spams here, but certainly not the avalanche we might expect,' said John Hawes, Technical Consultant at Virus Bulletin. 'It could be we've just been blinded to romantic subject lines by the weeks and weeks of Storm seedings, as it certainly seems to be business as usual for other types of spam.'
14 February 2007
Tags:
del.icio.us
digg this
Poll
How should software and OS patching/security updates be managed?Leave a comment
View 19 comments

Virus Bulletin
In this month's magazine:- Same malware, different code
- Can you spare a seg?
- Kernel mechanics of Rustock
- Early warning approaches to combat typosquatting
- The challenges of collecting and monitoring URLs that point to malware
- Norman Network Protection Appliance
- Anti-spam comparative review July 2009

Subscribe now!
Virus Bulletin currently has 165,650 registered users.

