Halloween Storm

It was probably inevitable at this time of year.  Today the Storm has morphed to a Halloween theme that attempts to get you to view a fun dancing skeleton.  The email subject lines include the following:

Dancing Bones
Dancing skeleton
For people with a sense of humor only
Halloween Fun
Happy Halloween
I am sending this to everyone
I played with this for hours
If your in your office, keep the speakers low, lol
Make him dance
Man this is funny
Nothing is funnier this Halloween
Party on this Halloween
Send this to your friends
Show this to the kids
The most amazing dancing skeleton
This will make you laugh
To much fun
Watch him dance
You'll laugh your but off

As usual, the email message is simple and distinctive, with a URL link that consists of an IP address.

Following the link will take to you a web page that attempts to automatically deploy the Storm trojan via known vulnerabilities.  However, the web page also provides a handy link should you wish to download and infect yourself manually. The downloaded file is called 'halloween.exe'.

The Storm has followed this basic format for over two months now.  While the subject and website content changes, the nature and delivery of the attack is now very familiar.  As usual be wary of email with a single IP address link.

MailMarshal customers should note this storm variant is being detected as spam by the latest SpamCensor.