Valentine’s Day Worms Doing the Rounds on the Internet, warns PandaLabs

Valentine's Day Worm Warning by PandaLabs Valentine’s Day is soon approaching, and malware writers all over the world are using this opportunity to spread the good bad word. Panda Security has announced that PandaLabs has detected two new worms which use the topic of Valentine’s Day to spread.

The newly discovered worms are called Nuwar.OL and Valentine.E. In fact, earlier this month, we had reported about the return of the Storm Worm just in time for Valentine’s Day.

According to Luis Corrons, Technical Director of PandaLabs, “Year after year we see the appearance of several malware strains that use Valentine’s Day as bait to attract users. This indicates that cyber-crooks are still reaping the benefits of this technique and many people still fall into the trap.”

The first worm Nuwar.OL reaches computers via email accompanied by subjects like “I Love You So Much,” “Inside My Heart” or “You In My Dreams.” The text of this mail includes a website link that downloads the malicious code.

The web site is very simple and looks a lot like a typical mushy Valentine’s Day card complete with a large pink heart. Once it has infected a computer, the worm sends out a large amount of emails to the infected user’s contacts, in order to spread. This tends to create a very heavy load on networks, slowing down the computer.

The second worm lurking around is called Valentin.E and much like the first worm it too spreads with subjects such as “Searching for True Love” or “True Love” teamed with an attached file called “friends4u”. Now, if the user happens to open this file, a copy of the worm will be downloaded, after which the malicious code installs of the computer as a file with the .scr extension.

If the unsuspecting user does run this, Valentin.E shows a new desktop background, tricking the user, and keeping him or her occupied, while the sneaky worm makes several copies of itself on the computer. Finally, the worm sends out emails with copies of itself from the infected computer, further spreading and infecting more users.

Both cases are clear examples of social engineering techniques used to spread malware. They use attractive subjects — Valentine’s Day greeting cards, romantic desktop themes, etc. — to entice users to run attachments or click links that ultimately download malware onto their computers,” Corrons went on.

To avoid getting duped by these deceiving mails, Panda Security has offered the following tips:

  • Do not open any emails that come from unknown sources.
  • Do not click any links included in email messages, even though they may come from reliable sources. It is better to type them in the address bar
  • Do not run attached files that come from unknown sources. Stay on the alert for files that claim to be Valentine’s greeting cards, romantic videos, etc.
  • Have an effective security solution installed, capable of detecting both known and new malware strains
  • Previous articleChurch of Scientology Web site attacked by Anonymous Hackers
    Next articleCharter Erroneously Deletes 14000 Customer E-Mail Accounts