Websense: Storm Worm tactic - Earthquake in China and upcoming Olympics
June 2008 by Websense
Websense® Security Labs™ ThreatSeeker technology has discovered a new Storm Worm social-engineering tactic, capitalizing on the recent global attention around 2 major events: the recent natural disaster in China and the upcoming Olympics, also to be held in China.
These malicious sites speculate that the upcoming Olympics in Beijing would be "under the threat of failure" because of the recent earthquake in China, and then tricks visitors to click on what looks like an embedded flash video player, that really leads to the download of a malicious executable. Users that open this file will have their desktop infected with a Trojan.
We have detected email lures containing links to these sites spreading rapidly through our Hosted Email Security and on-premise email security.
The US Computer Emergency Readiness Team (US-CERT) has also reported this on their web site: New Storm Worm Variant Spreading (June 19, 2008 at 11:23 am).
This is what the malicious page looks like:
Screenshot of the malicious web site’s source code: