The malicious botnet is now attempting to recruit new members by hiding its malware within a fake news story about the FBI and Facebook.
The spam messages contain such headlines as "F.B.I. may strike Facebook," "F.B.I. are spying on your Facebook profiles" and "Facebook’s F.B.I. ties."
Upon attempting to view the supposed video of the article, the user is presented with an executable file, which in turn infects the user's machine and adds the PC to the massive Storm botnet.
Researchers at security firm Sophos first discovered the spam run early yesterday. According to Sophos, this is the third campaign from Storm within a week.
The other attacks include fake stories on a new North American currency known as the "Amero" and a run of fake greeting cards.
The attacks are very similar to another spam run Storm made earlier this month. In that attack, Storm's creators fabricated a series of stories about the United States invading Iran and attempted to trick users into installing the trojan by disguising it as a video file.
The US Computer Emergency Response Team is encouraging users to avoid opening suspicious email attachments and to keep their anti-virus software up to date.
Storm spoofs FBI via Facebook
By Shaun Nichols on Jul 30, 2008 10:32AM