Websense discovers worm proclaiming WWIII 13 July, 2008 By Vanessa Ho

However, instead of clicking on a video, users would download an executable that turns their machine into a botnet which the spammer can now use to send more spam or distributed denial of service (DDOS) attacks from that infected machine.

"Storm is the most popular botnet of all time," said Stephan Chenette, manager of Websense Security Labs. "This attack more than any surround key events that are happening [in the world] and [this time] it focuses on the tension that exists between the U.S. and Iran and exploiting people's interest in that story."

If a victim of such an attack, Chenette said that users can become liable for any spamming or DDOS that originates from their machine, even if they are unaware of it happening as most law enforcement officials look at where the spam is coming from and not necessarily the spam's author.

Since there are no patches available to stop Storm and since the worm relies on the social-engineering aspect of the web to get its message out, Chenette recommended that people install a web filtering product that does pre-emptive and real-time scanning to filter malicious URLs. As well, common sense can provide the biggest protection. He cited that people should be wary when they receive links they never heard of and always be cautious when surfing the web.

Even after interest in the tense relations between the U.S. and Iran dies down, Chenette said don't expect the Storm worm to stay quiet.

"Storm will continue to surround itself to the next event as long as it is intriguing to the user," he added. Chenette warned that users should be on the lookout for Storm attacks around the Beijing Olympics and the U.S. presidential election.