<<<
NEWS FROM THE LAB - Monday, December 24, 2007
>>>
 

 
It's a Stormy Christmas Eve... Posted by Esz @ 08:54 GMT

So, we were wrong. It turns out that the Storm gang was going to do a Christmas malware run after all, they just decided to start it surprisingly late — on Christmas eve itself!

There's been a series of spam messages redirecting traffic to malicious site merrychristmasdude.com. This site contains a new version of the Storm Worm. The IP address of the site changes every second. We already detect it as
Email-Worm.Win32.Zhelatin.pd.

Here are some screen shots of the site:

Storm Xmas

Storm Xmas

Don't be naughty and go wondering to that domain. Please do not click on the "Download For Free Now" button as it will get you infected. Merry Christmas, y'all!