Symantec's professionals have found a group of domains containing Storm worm. What is interesting though is that domains don't (currently) maintain active websites and that there is no spam sent from these domains.
"This is very unusual", writes Vikram Thakur in Symantec's blog.
Also, it's been noticed that Storm has started exploiting web browser vulnerabilities. In the past, Storm didn't do checks for vulnerabilities until it had started infecting the system.
Currently these tracked domains are not being linked to. It's still unsure if the sites are still under development or are the Storm authors planning to use some different technique to spread their creations. It's possible that there'll be a spam wave approaching in the next couple of days using upcoming Mother's Day as a lure.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment