Don’t fall in love with the Storm worm

Experts at SophosLabs have warned of a widespread email posing as a message of love which has been widely spammed across the internet in an attempt to install malicious code.

The gang behind the latest incarnation of the Dorf worm (also known as Storm) have deliberately spammed out a “romantic” email campaign, luring unsuspecting computer users to dangerous websites.

Subject lines used in the attack are many and varied, but all pose as a romantic message. Some of them include “Falling In Love with You”, “Special Romance”, “You’re In My Thoughts”, “Sent with Love”, “Our Love Will Last”, “Our Love is Strong”, “Your Love Has Opened”, “You’re the One”, “A Toast My Love”, and “Heavenly Love”.

The body of the email contains a link to an IP-address based website, which is actually one of the many compromised PCs in the Storm botnet. The website displays a large red heart, while installing malware onto the vistor’s PC.

Sophos analysts believe that the worm code is designed to attempt to download further malicious code from the internet designed to take over the PC, convert it into part of a zombie network, and use it to send spam on behalf of hacking gangs.