M86 Security Labs

Storm of the Day

 

August 29, 2007

The Storm Trojan email campaign has changed again. Today's Storm messages have dropped the YouTube logo but still retain the "hot" new video theme. Sample subject lines include:


awesome new video
Cool Video is out
dude this is not even on MTV yet
dude, check out this video, is not out yet
Hot new video
i know you love this music
oh man, you got to see this video
OMG, check out the new video
this video is not out yet
this video rocks
your gonna love this, lol


The email body is plain text, and as usual with Storm, contains a URL link with a simple IP address:

 

If you click on the link it will take you to a website that will attempt to exploit vulnerabilities in your browser.  The web page states:

"If the video does not start playing you to need to load the right codec. Click on the link to install it." 

The link provided prompts you to download the malicious Storm Trojan (also called Zhelatin), in this case called 'codec.exe'.

As before, be wary of clicking on links in any unsolicited email, and in light of these recent Storm attacks, be doubly suspicious of any links with an IP address.
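The two traits described in this alert (a listed subject line, and a plain-text body containing a link to a bare IP address) can be checked mechanically. The following is an added example, not code from M86 or MailMarshal; the function names, the three-level verdict and the sample messages are assumptions made for illustration.

```python
import ipaddress
import re
from email import message_from_string
from urllib.parse import urlsplit

# Subject lines quoted in this alert, lower-cased for comparison.
STORM_SUBJECTS = {
    "awesome new video", "cool video is out",
    "dude this is not even on mtv yet",
    "dude, check out this video, is not out yet", "hot new video",
    "i know you love this music", "oh man, you got to see this video",
    "omg, check out the new video", "this video is not out yet",
    "this video rocks", "your gonna love this, lol",
}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def ip_literal_urls(text):
    """Return URLs in text whose host is a bare IP address, not a name."""
    hits = []
    for url in URL_RE.findall(text):
        url = url.rstrip(".,;:!?)")  # drop sentence punctuation after the URL
        try:
            ipaddress.ip_address(urlsplit(url).hostname or "")
        except ValueError:
            continue  # a hostname, or not parseable as a URL
        hits.append(url)
    return hits

def triage(raw_message):
    """Classify one RFC 822 message as 'match', 'review' or 'clean'."""
    msg = message_from_string(raw_message)
    body = ""
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            body += (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
    urls = ip_literal_urls(body)
    subject = " ".join((msg.get("Subject") or "").split()).lower()
    if urls and subject in STORM_SUBJECTS:
        return "match", urls  # both traits from the alert are present
    return ("review" if urls else "clean"), urls

# Constructed samples; 192.0.2.0/24 is a reserved documentation range.
SAMPLE_STORM = ("From: a@example.com\nSubject: Hot new video\n"
                "Content-Type: text/plain\n\ncheck it out http://192.0.2.10/\n")
SAMPLE_BENIGN = ("From: b@example.com\nSubject: Hot new video\n"
                 "Content-Type: text/plain\n\nsee https://example.com/watch\n")

if __name__ == "__main__":
    for sample in (SAMPLE_STORM, SAMPLE_BENIGN):
        print(triage(sample))
```

The subject list only covers the samples in this alert, so an IP-address link on its own is still returned as "review" rather than "clean".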

MailMarshal customers should note the current SpamCensor is detecting these messages as spam and no further action is necessary.

 


Last Reviewed: August 30, 2007