Websense is reporting that the Storm Trojan is now using YouTube links as a lure to pull in the unsuspecting.
The Storm Trojan / Bot continues to spread and is now using a YouTube video to lure users. The latest version has a variety of subjects and email bodies but now uses the filename video.exe.
Email subject example: Sheesh man what are you thinkin.
Upon connecting to the URL, which is referenced as a YouTube link but is actually a Storm IP, the same exploit code used in past attacks attempts to run
[tags]Websense, Malicious Website, YouTube[/tags]
Yeah, I got one of these this weekend and had to marvel at the social engineering technique. It read like this:
Subject: are you kidding me? lol
Dude I know thats you, someone emailed me a link to the video. take a look, lol…